Repository: cxf-fediz
Updated Branches:
  refs/heads/master fe5f187b8 -> 613852a99


Removing accidental commit


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/613852a9
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/613852a9
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/613852a9

Branch: refs/heads/master
Commit: 613852a995f3c3905dab492b356109b9682c3445
Parents: fe5f187
Author: Colm O hEigeartaigh <cohei...@apache.org>
Authored: Thu Aug 10 17:43:29 2017 +0100
Committer: Colm O hEigeartaigh <cohei...@apache.org>
Committed: Thu Aug 10 17:43:29 2017 +0100

----------------------------------------------------------------------
 .../fediz/tomcat8/FederationAuthenticator.java  | 47 +++++++++-----------
 1 file changed, 20 insertions(+), 27 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/613852a9/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationAuthenticator.java
----------------------------------------------------------------------
diff --git 
a/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationAuthenticator.java
 
b/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationAuthenticator.java
index 9981997..e3da1db 100644
--- 
a/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationAuthenticator.java
+++ 
b/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationAuthenticator.java
@@ -374,20 +374,8 @@ public class FederationAuthenticator extends 
FormAuthenticator {
     protected boolean checkUserAuthentication(Request request, 
HttpServletResponse response, FedizContext fedCtx) {
         // Have we already authenticated someone?
         Principal principal = request.getUserPrincipal();
-        Session session = request.getSessionInternal();
         // String ssoId = (String) request.getNote(Constants.REQ_SSOID_NOTE);
-        if (principal != null && session != null) {
-            if (!session.isValid()) {
-                // Session has expired
-                LOG.warn("Session has expired. Clean up and redirect");
-
-                session.removeNote(FEDERATION_NOTE);
-                session.setPrincipal(null);
-                request.getSession().removeAttribute(SECURITY_TOKEN);
-
-                return false;
-            }
-
+        if (principal != null) {
             LOG.debug("Already authenticated '{}'", principal.getName());
 
             // Associate the session with any existing SSO session
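Review bot: With the session check removed, `if (principal != null)` in checkUserAuthentication accepts any principal returned by `request.getUserPrincipal()`, and nothing in this hunk shows where an expired session or token is rejected for a request that already has one. If that is left to validateToken (changed in the next hunk), a comment above the condition should say so, for example `// Token expiry is checked in validateToken(); this branch only detects an existing principal`. The commented-out `// String ssoId = ...` line kept as context is dead code and could be dropped in the same pass. The method body continues outside the hunk, so the order in which the two checks run is inferred rather than visible here.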
@@ -408,23 +396,28 @@ public class FederationAuthenticator extends 
FormAuthenticator {
 
     protected boolean validateToken(Request request, HttpServletResponse 
response, FedizContext fedConfig) {
         Session session = request.getSessionInternal();
-        FedizResponse wfRes = (FedizResponse)session.getNote(FEDERATION_NOTE);
-        Date tokenExpires = wfRes.getTokenExpires();
-        if (tokenExpires == null) {
-            LOG.debug("Token doesn't expire");
-            return true;
-        }
+        if (session != null) {
 
-        Date currentTime = new Date();
-        if (!currentTime.after(tokenExpires)) {
-            return true;
-        }
+            FedizResponse wfRes = 
(FedizResponse)session.getNote(FEDERATION_NOTE);
+            Date tokenExpires = wfRes.getTokenExpires();
+            if (tokenExpires == null) {
+                LOG.debug("Token doesn't expire");
+                return true;
+            }
 
-        LOG.warn("Token already expired. Clean up and redirect");
+            Date currentTime = new Date();
+            if (!currentTime.after(tokenExpires)) {
+                return true;
+            } else {
+                LOG.warn("Token already expired. Clean up and redirect");
 
-        session.removeNote(FEDERATION_NOTE);
-        session.setPrincipal(null);
-        request.getSession().removeAttribute(SECURITY_TOKEN);
+                session.removeNote(FEDERATION_NOTE);
+                session.setPrincipal(null);
+                request.getSession().removeAttribute(SECURITY_TOKEN);
+            }
+        } else {
+            LOG.debug("Session should not be null after authentication");
+        }
         return false;
     }
 
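Review bot: `wfRes` is dereferenced by `wfRes.getTokenExpires()` straight after the cast of `session.getNote(FEDERATION_NOTE)`, so a session that exists but carries no federation note throws a NullPointerException instead of failing closed. The new `session != null` guard does not cover this case. Adding `if (wfRes == null) { return false; }` before the `getTokenExpires()` call keeps the deny-by-default result of the final `return false`. The `else` branch denies access on a state the message itself calls unexpected, so `LOG.warn` rather than `LOG.debug` would make it visible at default log levels. Separately, a token whose `getTokenExpires()` is null is accepted with no time bound; if that is intended, a comment at the `return true` should say which token types may legitimately omit an expiry.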
