aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java26
1 files changed, 13 insertions, 13 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
index d13696d51..8ddeb9ebc 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
@@ -134,21 +134,20 @@ public class AuthenticationFilter implements Filter{
log.trace("Request URL: " + requestURL);
- AuthenticationManager authManager = AuthenticationManager.getInstance();
- if (!authManager.isActiveUser(authuser)) {
- //user is not active anymore. Invalidate session and reauthenticate user
- String authID = (String) session.getAttribute(Constants.SESSION_PVP2REQUESTID);
- session.invalidate();
- authuser = null;
+ AuthenticationManager authManager = AuthenticationManager.getInstance();
+ if (!authManager.isActiveUser(authuser) && !this.isExcluded(requestURL)) {
+ if (!this.isExcluded(requestURL)) {
+ //user is not active anymore. Invalidate session and reauthenticate user
+ String authID = (String) session.getAttribute(Constants.SESSION_PVP2REQUESTID);
+ session.invalidate();
+ authuser = null;
- //TODO: set infotext
-
- session = httpServletRequest.getSession(true);
- session.setAttribute(Constants.SESSION_PVP2REQUESTID, authID);
- }
-
- if (authuser == null && !this.isExcluded(requestURL)) {
+ //TODO: set infotext
+ session = httpServletRequest.getSession(true);
+ session.setAttribute(Constants.SESSION_PVP2REQUESTID, authID);
+ }
+
if (config.isLoginDeaktivated()) {
//add dummy Daten
log.warn("Authentication is deaktivated. Dummy authentication-information are used!");
@@ -178,6 +177,7 @@ public class AuthenticationFilter implements Filter{
}
} else {
+
if (MiscUtil.isNotEmpty(getAuthenticatedPage())) {
log.debug("Unable to find authentication data. Authenticated page is given so there is no need to save original request url. " + (loginPageForward ? "Forwarding" : "Redirecting") + " to login page \"" + loginPage + "\".");