From 7b62bdd0a2b8725b0f4fb350acca26ff0d8f04ad Mon Sep 17 00:00:00 2001
From: jeb228 <jeb228@440791e1-c2bf-4c1e-ad7c-caf3f8b0ebe8>
Date: Wed, 2 Feb 2011 16:44:00 +0000
Subject: [PATCH] NIHVIVO-1568 If a user clicks on the Login link, or tries to
 access a restricted page, any previous login process is cancelled and a new
 one is begun.

---
 .../webapp/controller/edit/Authenticate.java  | 24 +++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java
index a8f6f502b..9c70bdc71 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/edit/Authenticate.java
@@ -89,6 +89,9 @@ public class Authenticate extends VitroHttpServlet {
 		VitroRequest vreq = new VitroRequest(request);
 
 		try {
+			if (loginProcessIsRestarting(vreq)) {
+				LoginProcessBean.removeBean(vreq);
+			}
 			if (loginProcessPagesAreEmpty(vreq)) {
 				recordLoginProcessPages(vreq);
 			}
@@ -138,6 +141,23 @@ public class Authenticate extends VitroHttpServlet {
 
 	}
 
+	/**
+	 * The after-login page or the return flag are supplied only on the first
+	 * step in the process. If we see either of them, we conclude that the user
+	 * has re-started the login.
+	 */
+	private boolean loginProcessIsRestarting(HttpServletRequest request) {
+		if (isAfterLoginParameterSet(request)) {
+			log.debug("after-login parameter is set: restarting the login.");
+			return true;
+		}
+		if (isReturnParameterSet(request)) {
+			log.debug("return parameter is set: restarting the login.");
+			return true;
+		}
+		return false;
+	}
+
 	/**
 	 * Once these URLs have been set, don't change them.
 	 */
@@ -191,6 +211,10 @@ public class Authenticate extends VitroHttpServlet {
 		}
 	}
 
+	private boolean isAfterLoginParameterSet(HttpServletRequest request) {
+		return (null != request.getParameter(PARAMETER_AFTER_LOGIN));
+	}
+
 	private boolean isReturnParameterSet(HttpServletRequest request) {
 		return (null != request.getParameter(PARAMETER_RETURN));
 	}