cxf-fediz git commit: Removing accidental commit

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

cxf-fediz git commit: Removing accidental commit

coheigea
Administrator
Repository: cxf-fediz
Updated Branches:
  refs/heads/1.4.x-fixes 6d4e960ac -> 5e5cb9bbe


Removing accidental commit


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/5e5cb9bb
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/5e5cb9bb
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/5e5cb9bb

Branch: refs/heads/1.4.x-fixes
Commit: 5e5cb9bbe9609cdf0d2aace61a9b1505d41e3d44
Parents: 6d4e960
Author: Colm O hEigeartaigh <[hidden email]>
Authored: Thu Aug 10 17:43:29 2017 +0100
Committer: Colm O hEigeartaigh <[hidden email]>
Committed: Thu Aug 10 17:44:00 2017 +0100

----------------------------------------------------------------------
 .../fediz/tomcat8/FederationAuthenticator.java  | 47 +++++++++-----------
 1 file changed, 20 insertions(+), 27 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/5e5cb9bb/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationAuthenticator.java
----------------------------------------------------------------------
diff --git a/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationAuthenticator.java b/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationAuthenticator.java
index 9981997..e3da1db 100644
--- a/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationAuthenticator.java
+++ b/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationAuthenticator.java
@@ -374,20 +374,8 @@ public class FederationAuthenticator extends FormAuthenticator {
     protected boolean checkUserAuthentication(Request request, HttpServletResponse response, FedizContext fedCtx) {
         // Have we already authenticated someone?
         Principal principal = request.getUserPrincipal();
-        Session session = request.getSessionInternal();
         // String ssoId = (String) request.getNote(Constants.REQ_SSOID_NOTE);
-        if (principal != null && session != null) {
-            if (!session.isValid()) {
-                // Session has expired
-                LOG.warn("Session has expired. Clean up and redirect");
-
-                session.removeNote(FEDERATION_NOTE);
-                session.setPrincipal(null);
-                request.getSession().removeAttribute(SECURITY_TOKEN);
-
-                return false;
-            }
-
+        if (principal != null) {
             LOG.debug("Already authenticated '{}'", principal.getName());
 
             // Associate the session with any existing SSO session
@@ -408,23 +396,28 @@ public class FederationAuthenticator extends FormAuthenticator {
 
     protected boolean validateToken(Request request, HttpServletResponse response, FedizContext fedConfig) {
         Session session = request.getSessionInternal();
-        FedizResponse wfRes = (FedizResponse)session.getNote(FEDERATION_NOTE);
-        Date tokenExpires = wfRes.getTokenExpires();
-        if (tokenExpires == null) {
-            LOG.debug("Token doesn't expire");
-            return true;
-        }
+        if (session != null) {
 
-        Date currentTime = new Date();
-        if (!currentTime.after(tokenExpires)) {
-            return true;
-        }
+            FedizResponse wfRes = (FedizResponse)session.getNote(FEDERATION_NOTE);
+            Date tokenExpires = wfRes.getTokenExpires();
+            if (tokenExpires == null) {
+                LOG.debug("Token doesn't expire");
+                return true;
+            }
 
-        LOG.warn("Token already expired. Clean up and redirect");
+            Date currentTime = new Date();
+            if (!currentTime.after(tokenExpires)) {
+                return true;
+            } else {
+                LOG.warn("Token already expired. Clean up and redirect");
 
-        session.removeNote(FEDERATION_NOTE);
-        session.setPrincipal(null);
-        request.getSession().removeAttribute(SECURITY_TOKEN);
+                session.removeNote(FEDERATION_NOTE);
+                session.setPrincipal(null);
+                request.getSession().removeAttribute(SECURITY_TOKEN);
+            }
+        } else {
+            LOG.debug("Session should not be null after authentication");
+        }
         return false;
     }
 

Loading...