fix redirect loop within authentication engine
authorwnorris <wnorris@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Mon, 7 Jan 2008 21:15:30 +0000 (21:15 +0000)
committerwnorris <wnorris@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Mon, 7 Jan 2008 21:15:30 +0000 (21:15 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@2522 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

src/edu/internet2/middleware/shibboleth/idp/authn/AuthenticationEngine.java
src/edu/internet2/middleware/shibboleth/idp/profile/saml1/ShibbolethSSOProfileHandler.java
src/edu/internet2/middleware/shibboleth/idp/profile/saml2/SSOProfileHandler.java

index 6107c04..ba85465 100644 (file)
@@ -210,7 +210,8 @@ public class AuthenticationEngine extends HttpServlet {
 
         if (handler == null) {
             loginContext.setPrincipalAuthenticated(false);
-            loginContext.setAuthenticationFailureMessage("No AuthenticationHandler satisfys the request from: "
+            loginContext.setAuthenticationAttempted();
+            loginContext.setAuthenticationFailureMessage("No AuthenticationHandler satisfies the request from: "
                     + loginContext.getRelyingPartyId());
             LOG.error("No AuthenticationHandler satisfies the request from relying party: "
                     + loginContext.getRelyingPartyId());
index 502ccd1..b8f892a 100644 (file)
@@ -114,7 +114,7 @@ public class ShibbolethSSOProfileHandler extends AbstractSAML1ProfileHandler {
         if (loginContext == null) {
             log.debug("User session does not contain a login context, processing as first leg of request");
             performAuthentication(inTransport, outTransport);
-        } else if (!loginContext.isPrincipalAuthenticated()) {
+        } else if (!loginContext.isPrincipalAuthenticated() && !loginContext.getAuthenticationAttempted()) {
             log.debug("User session contained a login context but user was not authenticated, processing as first leg of request");
             performAuthentication(inTransport, outTransport);
         } else {
index 904540a..4a0eb55 100644 (file)
@@ -131,7 +131,7 @@ public class SSOProfileHandler extends AbstractSAML2ProfileHandler {
         if (loginContext == null) {
             log.debug("User session does not contain a login context, processing as first leg of request");
             performAuthentication(inTransport, outTransport);
-        } else if (!loginContext.isPrincipalAuthenticated()) {
+        } else if (!loginContext.isPrincipalAuthenticated() && !loginContext.getAuthenticationAttempted()) {
             log.debug("User session contained a login context but user was not authenticated, processing as first leg of request");
             performAuthentication(inTransport, outTransport);
         } else {