NIHVIVO-1568 If a user clicks on the Login link, or tries to access a restricted page, any previous login process is cancelled and a new one is begun.

2011-02-02 16:44:00 +00:00 · 2011-02-02 16:44:00 +00:00 · 7b62bdd0a2
commit 7b62bdd0a2
parent 7c5b296476
1 changed files with 24 additions and 0 deletions
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java
@ -89,6 +89,9 @@ public class Authenticate extends VitroHttpServlet {
 		VitroRequest vreq = new VitroRequest(request);

 		try {
+			if (loginProcessIsRestarting(vreq)) {
+				LoginProcessBean.removeBean(vreq);
+			}
 			if (loginProcessPagesAreEmpty(vreq)) {
 				recordLoginProcessPages(vreq);
 			}
@ -138,6 +141,23 @@ public class Authenticate extends VitroHttpServlet {

 	}

+	/**
+	 * The after-login page or the return flag are supplied only on the first
+	 * step in the process. If we see either of them, we conclude that the user
+	 * has re-started the login.
+	 */
+	private boolean loginProcessIsRestarting(HttpServletRequest request) {
+		if (isAfterLoginParameterSet(request)) {
+			log.debug("after-login parameter is set: restarting the login.");
+			return true;
+		}
+		if (isReturnParameterSet(request)) {
+			log.debug("return parameter is set: restarting the login.");
+			return true;
+		}
+		return false;
+	}
+
 	/**
 	 * Once these URLs have been set, don't change them.
 	 */
@ -191,6 +211,10 @@ public class Authenticate extends VitroHttpServlet {
 		}
 	}

+	private boolean isAfterLoginParameterSet(HttpServletRequest request) {
+		return (null != request.getParameter(PARAMETER_AFTER_LOGIN));
+	}
+
 	private boolean isReturnParameterSet(HttpServletRequest request) {
 		return (null != request.getParameter(PARAMETER_RETURN));
 	}