pull shib session from HttpSession if it's not in the request
authorlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Thu, 10 Jan 2008 12:16:58 +0000 (12:16 +0000)
committerlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Thu, 10 Jan 2008 12:16:58 +0000 (12:16 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@2545 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

src/edu/internet2/middleware/shibboleth/idp/authn/AuthenticationEngine.java
src/edu/internet2/middleware/shibboleth/idp/session/IdPSessionFilter.java

index 43c19e9..d4737a6 100644 (file)
@@ -257,7 +257,7 @@ public class AuthenticationEngine extends HttpServlet {
             LOG.debug("Creating shibboleth session for principal {}", principalName);
             shibSession = (Session) getSessionManager().createSession(loginContext.getPrincipalName());
             loginContext.setSessionID(shibSession.getSessionID());
-            httpRequest.setAttribute(Session.HTTP_SESSION_BINDING_ATTRIBUTE, shibSession);
+            httpRequest.getSession().setAttribute(Session.HTTP_SESSION_BINDING_ATTRIBUTE, shibSession);
         }
 
         LOG.debug("Recording authentication and service information in Shibboleth session for principal: {}",
@@ -277,8 +277,6 @@ public class AuthenticationEngine extends HttpServlet {
                 authnMethodInfo);
         shibSession.getServicesInformation().put(serviceInfo.getEntityID(), serviceInfo);
 
-        shibSession.setLastActivityInstant(new DateTime());
-
         returnToProfileHandler(loginContext, httpRequest, httpResponse);
     }
 
index 3459261..caabe2e 100644 (file)
@@ -107,11 +107,15 @@ public class IdPSessionFilter implements Filter {
      */
     protected void addIdPSessionCookieToResponse(HttpServletRequest request, HttpServletResponse response,
             Session userSession) {
-        if (userSession == null) {
-            userSession = (Session) request.getAttribute(Session.HTTP_SESSION_BINDING_ATTRIBUTE);
+        Session currentSession = userSession;
+        if (currentSession == null) {
+            currentSession = (Session) request.getAttribute(Session.HTTP_SESSION_BINDING_ATTRIBUTE);
+            if (currentSession == null) {
+                currentSession = (Session) request.getSession().getAttribute(Session.HTTP_SESSION_BINDING_ATTRIBUTE);
+            }
         }
 
-        if (userSession != null) {
+        if (currentSession != null) {
             Cookie sessionCookie = new Cookie(IDP_SESSION_COOKIE_NAME, userSession.getSessionID());
             sessionCookie.setDomain(request.getLocalName());
             sessionCookie.setPath(request.getContextPath());