[Identity-dev] svn commit r14868 - trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action

[svn]

Author: prabath
Date: Sun Mar 16 21:51:59 2008
New Revision: 14868

Log:

fixed issue related to PAPE login when profile is set to trust always

Modified:
   
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDAuthVerificationAction.java

Modified: 
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDAuthVerificationAction.java
==============================================================================
--- 
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDAuthVerificationAction.java
 (original)
+++ 
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDAuthVerificationAction.java
 Sun Mar 16 21:51:59 2008
@@ -89,6 +89,9 @@
 
         if (infoCardSignin != null && "Log in".equals(infoCardSignin)) {
             // User logs in with an information card
+
+            boolean isRedirected = false;
+
             if (UserUtil.verifyInfoCardLogin(context, openID)) {
 
                 policies = OpenIDUtil
@@ -103,7 +106,9 @@
                                             
"multiFactorAuthenticationWithUsernamePassword",
                                             "true");
                             session.setAttribute("multifactorlogin", "true");
-                            
response.sendRedirect("OpenIDAuthentication.action");
+                            isRedirected = true;
+                            response
+                                    
.sendRedirect("OpenIDAuthentication.action");
                             break;
                         }
                     }
@@ -111,7 +116,8 @@
 
                 populateUserProfiles(user, rpUrl);
 
-                // Okay - user used InfoCards to login - next when tries login
+                // Okay - user used InfoCards to login - next when tries
+                // login
                 // we'll let him use his InfoCard directly, by passing the
                 // authentication page.
 
@@ -121,15 +127,20 @@
                 infocardCookie.setSecure(true);
                 response.addCookie(infocardCookie);
 
-                // OpenID Provider needs to know which authentication mechanism
+                // OpenID Provider needs to know which authentication
+                // mechanism
                 // the user went through while authenticating to the OP.
-                session.setAttribute("phishingResistanceAuthentication", 
"true");
-
-                if (!isRequiredUserApproval(request)) {
-                    // User has already agreed to accept request from this RP
-                    // always.
-                    response
-                            
.sendRedirect("server?_action=complete&authenticatedAndApproved=true");
+                session
+                        .setAttribute("phishingResistanceAuthentication",
+                                "true");
+                if (!isRedirected) {
+                    if (!isRequiredUserApproval(request)) {
+                        // User has already agreed to accept request from this
+                        // RP
+                        // always.
+                        response
+                                
.sendRedirect("server?_action=complete&authenticatedAndApproved=true");
+                    }
                 }
 
                 return SUCCESS;

_______________________________________________
Identity-dev mailing list
Identity-dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/identity-dev