protected boolean doRedirectToLoginPage( ServerManager manager, ParameterList requestParameters, IWContext iwc, String realm) { boolean goToLogin = true; // Log user out if this is an authentication request for a new association // (i.e. another Relying Party or an expired association) or if this is a new request // after a completed successful one (loginExpireTime is removed on successful login) String loginExpireHandle = requestParameters.hasParameter(OpenIDConstants.PARAMETER_ASSOCIATE_HANDLE) ? "openid-login-" + requestParameters.getParameterValue(OpenIDConstants.PARAMETER_ASSOCIATE_HANDLE) : null; Date currentTime = new Date(); if (loginExpireHandle == null) { String simpleRegHandle = "openid-simpleRegHandle-" + realm; Date loginExpirationTime = (Date) iwc.getSessionAttribute(simpleRegHandle); if (loginExpirationTime == null || currentTime.after(loginExpirationTime)) { if (iwc.isLoggedOn()) { // Make user log in again LoginBusinessBean loginBusiness = getLoginBusiness(iwc.getRequest()); loginBusiness.logOutUser(iwc); } int expireInMilliSeconds = manager.getExpireIn() * 1000; iwc.setSessionAttribute( simpleRegHandle, new Date(currentTime.getTime() + expireInMilliSeconds)); goToLogin = true; } else { // coming here again in the same request/association goToLogin = !iwc.isLoggedOn(); } } else { Date loginExpirationTime = (Date) iwc.getSessionAttribute(loginExpireHandle); if (loginExpirationTime == null || currentTime.after(loginExpirationTime)) { if (iwc.isLoggedOn()) { // Make user log in again LoginBusinessBean loginBusiness = getLoginBusiness(iwc.getRequest()); loginBusiness.logOutUser(iwc); } int expireInMilliSeconds = manager.getExpireIn() * 1000; iwc.setSessionAttribute( loginExpireHandle, new Date(currentTime.getTime() + expireInMilliSeconds)); goToLogin = true; } else { // coming here again in the same request/association goToLogin = !iwc.isLoggedOn(); } } return goToLogin; }
private boolean isAllowAction(IWContext iwc) { Object allowValue = iwc.getRequest().getAttribute(OpenIDConstants.PARAMETER_ALLOWED); if (allowValue != null) { return true; } else { String paramValue = iwc.getParameter(OpenIDConstants.PARAMETER_ALLOWED); String sessionValue = (String) iwc.getSessionAttribute(OpenIDConstants.PARAMETER_ALLOWED); iwc.removeSessionAttribute(OpenIDConstants.PARAMETER_ALLOWED); if (paramValue != null && paramValue.equals(sessionValue)) { iwc.getRequest().setAttribute(OpenIDConstants.PARAMETER_ALLOWED, "true"); return true; } } return false; }