github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

tried to make prompt=login work, backed off for now

pull/324/merge
Justin Richer 2013-04-25 15:19:11 -04:00
parent 8d53149d03
commit dcf41eaa9e
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
openid-connect-server/src/main/java/org/mitre/openid/connect/filter/PromptFilter.java
View File

@ -60,7 +60,21 @@ public class PromptFilter extends GenericFilterBean {
response.sendError(HttpServletResponse.SC_FORBIDDEN, "Access Denied"); response.sendError(HttpServletResponse.SC_FORBIDDEN, "Access Denied");
return; return;
} }
/* TODO: this is an attempt to catch the prompt=login case, but it results in an infinite loop so it's commented out
} else if (request.getParameter("prompt").equals("login")) {
// see if the user's logged in
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth != null) {
// user's been logged in already (by session management)
// log them out and continue
SecurityContextHolder.getContext().setAuthentication(null);
chain.doFilter(req, res);
} else {
// user hasn't been logged in yet, we can keep going
chain.doFilter(req, res);
}
*/
} else { } else {
// prompt parameter is a value we don't care about, not our business // prompt parameter is a value we don't care about, not our business
chain.doFilter(req, res); chain.doFilter(req, res);