diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/jsptags/ConfirmLoginStatus.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/jsptags/ConfirmLoginStatus.java index 4b548fd39..699ff3fc0 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/jsptags/ConfirmLoginStatus.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/jsptags/ConfirmLoginStatus.java @@ -2,8 +2,6 @@ package edu.cornell.mannlib.vitro.webapp.web.jsptags; -import java.io.IOException; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.jsp.JspException; @@ -73,7 +71,8 @@ public class ConfirmLoginStatus extends BodyTagSupport { LogoutRedirector.recordRestrictedPageUri(getRequest()); LoginStatusBean loginBean = LoginStatusBean.getBean(getRequest()); - boolean isLoggedIn = loginBean.isLoggedInAtLeast(level); + boolean isLoggedIn = loginBean.isLoggedIn(); + boolean isSufficient = loginBean.isLoggedInAtLeast(level); boolean isSelfEditing = VitroRequestPrep.isSelfEditing(getRequest()); @@ -81,9 +80,12 @@ public class ConfirmLoginStatus extends BodyTagSupport { + ", requiredLevel=" + level + ", selfEditingAllowed=" + allowSelfEditing + ", isSelfEditing=" + isSelfEditing); - if (isLoggedIn || (allowSelfEditing && isSelfEditing)) { + if (isSufficient || (allowSelfEditing && isSelfEditing)) { log.debug("Login status confirmed."); return setBeanAndReturn(loginBean); + } else if (isLoggedIn) { + log.debug("Logged in, but not sufficient."); + return showInsufficientAuthorizationMessage(); } else { log.debug("Login status not confirmed."); return redirectAndSkipPage(); 
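Review bot: The new `else if (isLoggedIn)` branch records an authenticated user being refused a restricted page only through `log.debug`, so the denial will not show up at the log level normally used in production. An authorization failure is worth an audit trail; consider `log.info("Insufficient authorization: requiredLevel=" + level);` in that branch, assuming the logger in use offers `info` alongside `debug`. The branch itself fails closed, since `showInsufficientAuthorizationMessage()` returns `SKIP_PAGE`. The enclosing method begins before this hunk, so the start of the preceding debug statement is not visible here.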
@@ -98,6 +100,12 @@ public class ConfirmLoginStatus extends BodyTagSupport { return EVAL_PAGE; } + private int showInsufficientAuthorizationMessage() { + VitroHttpServlet.redirectToInsufficientAuthorizationPage(getRequest(), + getResponse()); + return SKIP_PAGE; + } + private int redirectAndSkipPage() throws JspException { VitroHttpServlet.redirectToLoginPage(getRequest(), getResponse()); return SKIP_PAGE;
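Review bot: `showInsufficientAuthorizationMessage()` has no comment, and its name suggests rendering a message while the body redirects and returns `SKIP_PAGE`, exactly like its sibling `redirectAndSkipPage()`. A short Javadoc would pin the security contract: `/** Redirects to the insufficient-authorization page and skips the rest of the JSP, so restricted content is never rendered for this user. */`. The sibling still declares `throws JspException` while the new helper does not; if the redirect helpers no longer throw (the dropped `IOException` import suggests so, but their bodies are not shown), the two signatures could be aligned. `redirectAndSkipPage()` continues past the end of the hunk.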