litvinovg/vitro
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

NIHVIVO-1832 JSPs that call <vitro:confirmLoginStatus> must be recorded as restricted pages, just like Servlets that call VitroHttpServlet.checkLoginStatus(). That way we won't attempt to stay on those pages if the user logs out.

Browse source
This commit is contained in:
jeb228 2011-01-21 16:50:16 +00:00
parent aeff100428
commit 404ee53a91
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
webapp/src/edu/cornell/mannlib/vitro/webapp/web/jsptags/ConfirmLoginStatus.java
View file

@ -14,6 +14,7 @@ import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vitro.webapp.controller.VitroHttpServlet;
import edu.cornell.mannlib.vitro.webapp.controller.authenticate.LogoutRedirector;
import edu.cornell.mannlib.vitro.webapp.filters.VitroRequestPrep;
/**
@ -69,6 +70,8 @@ public class ConfirmLoginStatus extends BodyTagSupport {
@Override
public int doEndTag() throws JspException {
LogoutRedirector.recordRestrictedPageUri(getRequest());
LoginStatusBean loginBean = LoginStatusBean.getBean(getRequest());
boolean isLoggedIn = loginBean.isLoggedInAtLeast(level);