NIHVIVO-1814 and NIHVIVO-1568 If the user navigates to a page that contains the login widget, it cancels any login session that was occurring on a different page.

2011-02-02 16:42:32 +00:00 · 2011-02-02 16:42:32 +00:00 · 7c5b296476
commit 7c5b296476
parent 0db60ac7d8
1 changed files with 25 additions and 4 deletions
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/web/widgets/LoginWidget.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/web/widgets/LoginWidget.java
@ -174,14 +174,35 @@ public class LoginWidget extends Widget {
    }

    /**
-     * Where are we in the process? Logged in? Not? Somewhere in between?
+     * Are we already logged in? If not, where are we in the process?
     */
    private State getCurrentLoginState(HttpServletRequest request) {
        if (LoginStatusBean.getBean(request).isLoggedIn()) {
            return State.LOGGED_IN;
-        } else {
+        } 
+        if (isOutdatedLoginProcessBean(request)) {
+        	LoginProcessBean.removeBean(request);
+        }
        return LoginProcessBean.getBean(request).getState();
    }
+
+	/**
+	 * A LoginProcessBean is outdated if the login was occuring on a page other
+	 * than this one.
+	 */
+	private boolean isOutdatedLoginProcessBean(HttpServletRequest request) {
+		if (!LoginProcessBean.isBean(request)) {
+			return false;
+		}
+		LoginProcessBean bean = LoginProcessBean.getBean(request);
+		String loginPageUrl = bean.getLoginPageUrl();
+		if (loginPageUrl == null) {
+			return false;
+		}
+		if (loginPageUrl.endsWith(request.getRequestURI())) {
+			return false;
+		}
+		return true;
 	}

 	/** What's the URL for this servlet? */