Posted to commits@cxf.apache.org by ow...@apache.org on 2011/12/22 11:10:51 UTC

svn commit: r1222148 - /cxf/sandbox/fediz/fediz-tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java

Author: owulff
Date: Thu Dec 22 10:10:51 2011
New Revision: 1222148

URL: http://svn.apache.org/viewvc?rev=1222148&view=rev
Log:
Redirect to IDP if security token expired

Modified:
    cxf/sandbox/fediz/fediz-tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java

Modified: cxf/sandbox/fediz/fediz-tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/fediz/fediz-tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java?rev=1222148&r1=1222147&r2=1222148&view=diff
==============================================================================
--- cxf/sandbox/fediz/fediz-tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java (original)
+++ cxf/sandbox/fediz/fediz-tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java Thu Dec 22 10:10:51 2011
@@ -238,8 +238,25 @@ public class FederationAuthenticator ext
             	}
         	    Calendar cal = Calendar.getInstance();
         	    if ( cal.getTime().after(wfRes.getTokenExpires()) ) {
-        	    	log.debug("Token already expired");
-        	    	// [TODO] Redirect
+        	    	log.debug("Token already expired. Clean up and redirect");
+        	    	
+        	    	session.removeNote(FEDERATION_NOTE);
+        	    	session.removeNote(Constants.FORM_PRINCIPAL_NOTE);
+        	    	session.setPrincipal(null);
+        	    	request.getSession().removeAttribute(SECURITY_TOKEN);
+        	    	
+                    if (log.isDebugEnabled())
+                        log.debug("Save request in session '" + session.getIdInternal() + "'");
+                    try {
+                        saveRequest(request, session);
+                    } catch (IOException ioe) {
+                        log.debug("Request body too big to save during authentication");
+                        response.sendError(HttpServletResponse.SC_FORBIDDEN,
+                                sm.getString("authenticator.requestBodyTooBig"));
+                        return (false);
+                    }
+                    redirectToLoginPage(request, response, config);
+        	    	
         	    	return (false);
         	    }
             }
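Review bot: The expiry branch removes the two notes, the principal and the `SECURITY_TOKEN` attribute but keeps the same session, so its id and any other attributes the application stored under the expired login are still present when the user returns from the IDP. Whether the id is changed on the return path cannot be seen from this hunk; if it is not, a re-login (possibly by a different user on the same browser) inherits the old session, which leaves room for session fixation and stale per-user state. I would state the expectation next to the cleanup, e.g. `// session is reused after re-login: change its id and drop application attributes before the new principal is set`. Separately, `log.debug("Save request in session '" + session.getIdInternal() + "'")` writes a live session id to the log, where `log.debug("Save request in session")` would do, and the `catch` could pass `ioe` as the second argument to `log.debug` so the cause is not lost. The enclosing method starts and ends outside the hunk.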