diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2015-04-14 16:57:59 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2015-04-14 16:57:59 +0200 |
commit | 1b019f2d114b158676b8fa4acc0e2f1c06beeac2 (patch) | |
tree | c9bb6169f68b401efe1966aedb314711f7e22351 /id | |
parent | 70aa50b21c2e9ef9318ed72ae90a67d984db33a7 (diff) | |
download | moa-id-spss-1b019f2d114b158676b8fa4acc0e2f1c06beeac2.tar.gz moa-id-spss-1b019f2d114b158676b8fa4acc0e2f1c06beeac2.tar.bz2 moa-id-spss-1b019f2d114b158676b8fa4acc0e2f1c06beeac2.zip |
fix problem with Authenticated sessions
Diffstat (limited to 'id')
-rw-r--r-- | id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java index d13696d51..8ddeb9ebc 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java @@ -134,21 +134,20 @@ public class AuthenticationFilter implements Filter{ log.trace("Request URL: " + requestURL); - AuthenticationManager authManager = AuthenticationManager.getInstance(); - if (!authManager.isActiveUser(authuser)) { - //user is not active anymore. Invalidate session and reauthenticate user - String authID = (String) session.getAttribute(Constants.SESSION_PVP2REQUESTID); - session.invalidate(); - authuser = null; + AuthenticationManager authManager = AuthenticationManager.getInstance(); + if (!authManager.isActiveUser(authuser) && !this.isExcluded(requestURL)) { + if (!this.isExcluded(requestURL)) { + //user is not active anymore. Invalidate session and reauthenticate user + String authID = (String) session.getAttribute(Constants.SESSION_PVP2REQUESTID); + session.invalidate(); + authuser = null; - //TODO: set infotext - - session = httpServletRequest.getSession(true); - session.setAttribute(Constants.SESSION_PVP2REQUESTID, authID); - } - - if (authuser == null && !this.isExcluded(requestURL)) { + //TODO: set infotext + session = httpServletRequest.getSession(true); + session.setAttribute(Constants.SESSION_PVP2REQUESTID, authID); + } + if (config.isLoginDeaktivated()) { //add dummy Daten log.warn("Authentication is deaktivated. Dummy authentication-information are used!"); @@ -178,6 +177,7 @@ public class AuthenticationFilter implements Filter{ } } else { + if (MiscUtil.isNotEmpty(getAuthenticatedPage())) { log.debug("Unable to find authentication data. Authenticated page is given so there is no need to save original request url. " + (loginPageForward ? "Forwarding" : "Redirecting") + " to login page \"" + loginPage + "\"."); |