From 7c5b2964768b889f9ec5a6b39c91eec3ce3744b9 Mon Sep 17 00:00:00 2001
From: jeb228 <jeb228@440791e1-c2bf-4c1e-ad7c-caf3f8b0ebe8>
Date: Wed, 2 Feb 2011 16:42:32 +0000
Subject: [PATCH] NIHVIVO-1814 and NIHVIVO-1568 If the user navigates to a page
 that contains the login widget, it cancels any login session that was
 occurring on a different page.

---
 .../vitro/webapp/web/widgets/LoginWidget.java | 29 ++++++++++++++++---
 1 file changed, 25 insertions(+), 4 deletions(-)

diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/widgets/LoginWidget.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/widgets/LoginWidget.java
index 2f27df71f..2d7b0d672 100644
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/widgets/LoginWidget.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/widgets/LoginWidget.java
@@ -174,17 +174,38 @@ public class LoginWidget extends Widget {
     }
 
     /**
-     * Where are we in the process? Logged in? Not? Somewhere in between?
+     * Are we already logged in? If not, where are we in the process?
      */
     private State getCurrentLoginState(HttpServletRequest request) {
         if (LoginStatusBean.getBean(request).isLoggedIn()) {
             return State.LOGGED_IN;
-        } else {
-            return LoginProcessBean.getBean(request).getState();
+        } 
+        if (isOutdatedLoginProcessBean(request)) {
+        	LoginProcessBean.removeBean(request);
         }
+        return LoginProcessBean.getBean(request).getState();
     }
 
-    /** What's the URL for this servlet? */
+	/**
+	 * A LoginProcessBean is outdated if the login was occuring on a page other
+	 * than this one.
+	 */
+	private boolean isOutdatedLoginProcessBean(HttpServletRequest request) {
+		if (!LoginProcessBean.isBean(request)) {
+			return false;
+		}
+		LoginProcessBean bean = LoginProcessBean.getBean(request);
+		String loginPageUrl = bean.getLoginPageUrl();
+		if (loginPageUrl == null) {
+			return false;
+		}
+		if (loginPageUrl.endsWith(request.getRequestURI())) {
+			return false;
+		}
+		return true;
+	}
+
+	/** What's the URL for this servlet? */
     private String getAuthenticateUrl(HttpServletRequest request) {
         String contextPath = request.getContextPath();   
         return contextPath + "/authenticate";