fix up conditional for removing unusable login handlers
[java-idp.git] / src / edu / internet2 / middleware / shibboleth / idp / authn / AuthenticationEngine.java
index 1e0eb26..2c3ba7c 100644 (file)
@@ -198,9 +198,10 @@ public class AuthenticationEngine extends HttpServlet {
             if (loginContext.isPassiveAuthRequired()) {
                 filterByPassiveAuthentication(loginContext, possibleLoginHandlers);
             }
-
+            
             // If the user already has a session and its usage is acceptable than use it
             // otherwise just use the first candidate login handler
+            LOG.debug("Possible authentication handlers after filtering: {}", possibleLoginHandlers);
             if (idpSession != null
                     && possibleLoginHandlers.containsKey(PreviousSessionLoginHandler.PREVIOUS_SESSION_AUTHN_METHOD)) {
                 authenticateUserWithPreviousSession(loginContext, possibleLoginHandlers, httpRequest, httpResponse);
@@ -235,8 +236,8 @@ public class AuthenticationEngine extends HttpServlet {
         Entry<String, LoginHandler> supportedLoginHandler;
         while (supportedLoginHandlerItr.hasNext()) {
             supportedLoginHandler = supportedLoginHandlerItr.next();
-            if (supportedLoginHandler.getKey().equals(PreviousSessionLoginHandler.PREVIOUS_SESSION_AUTHN_METHOD)
-                    || !loginContext.getRequestedAuthenticationMethods().contains(supportedLoginHandler.getKey())) {
+            if (!(supportedLoginHandler.getKey().equals(PreviousSessionLoginHandler.PREVIOUS_SESSION_AUTHN_METHOD))
+                    && !loginContext.getRequestedAuthenticationMethods().contains(supportedLoginHandler.getKey())) {
                 supportedLoginHandlerItr.remove();
                 continue;
             }