add active user-session cleanup process

1 files changed, 6 insertions, 2 deletions

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
index 1f631afea..d13696d51 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
@@ -24,6 +24,7 @@ package at.gv.egovernment.moa.id.configuration.filter;
 
 import java.io.IOException;
 import java.util.ArrayList;
+import java.util.Date;
 import java.util.StringTokenizer;
 import java.util.regex.Pattern;
 
@@ -153,8 +154,11 @@ public class AuthenticationFilter implements Filter{
 				log.warn("Authentication is deaktivated. Dummy authentication-information are used!");
 							
 				if (authuser == null) {
-
-					authuser = AuthenticatedUser.generateDefaultUser();
+					int sessionTimeOut = session.getMaxInactiveInterval();
+					Date sessionExpired = new Date(new Date().getTime() + 
+							(sessionTimeOut * Constants.ONE_MINUTE_IN_MILLIS)); 
+					
+					authuser = AuthenticatedUser.generateDefaultUser(sessionExpired);
 					authManager.setActiveUser(authuser);
 					
 					//authuser = new AuthenticatedUser(1, "Max", "TestUser", true, false);