You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by ow...@apache.org on 2011/12/22 11:10:51 UTC
svn commit: r1222148 -
/cxf/sandbox/fediz/fediz-tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java
Author: owulff
Date: Thu Dec 22 10:10:51 2011
New Revision: 1222148
URL: http://svn.apache.org/viewvc?rev=1222148&view=rev
Log:
Redirect to IDP if security token expired
Modified:
cxf/sandbox/fediz/fediz-tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java
Modified: cxf/sandbox/fediz/fediz-tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java?rev=1222148&r1=1222147&r2=1222148&view=diff
==============================================================================
--- cxf/sandbox/fediz/fediz-tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java (original)
+++ cxf/sandbox/fediz/fediz-tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java Thu Dec 22 10:10:51 2011
@@ -238,8 +238,25 @@ public class FederationAuthenticator ext
}
Calendar cal = Calendar.getInstance();
if ( cal.getTime().after(wfRes.getTokenExpires()) ) {
- log.debug("Token already expired");
- // [TODO] Redirect
+ log.debug("Token already expired. Clean up and redirect");
+
+ session.removeNote(FEDERATION_NOTE);
+ session.removeNote(Constants.FORM_PRINCIPAL_NOTE);
+ session.setPrincipal(null);
+ request.getSession().removeAttribute(SECURITY_TOKEN);
+
+ if (log.isDebugEnabled())
+ log.debug("Save request in session '" + session.getIdInternal() + "'");
+ try {
+ saveRequest(request, session);
+ } catch (IOException ioe) {
+ log.debug("Request body too big to save during authentication");
+ response.sendError(HttpServletResponse.SC_FORBIDDEN,
+ sm.getString("authenticator.requestBodyTooBig"));
+ return (false);
+ }
+ redirectToLoginPage(request, response, config);
+
return (false);
}
}