svn commit: r1845497 - /ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ExternalLoginKeysManager.java

Thu, 01 Nov 2018 09:29:24 -0700 

Author: jleroux
Date: Thu Nov  1 16:29:08 2018
New Revision: 1845497

URL: http://svn.apache.org/viewvc?rev=1845497&view=rev
Log:
Implemented: Navigate from a domain to another with automated signed in 
authentication
(OFBIZ-10307)

While working on OFBIZ-10635 I spotted that at r1844880 I forgot to put a call
to LoginWorker::createSecuredLoginIdCookie in LoginWorker::checkExternalLoginKey
in the general case (when the user log in for the 1st time). This fixes it.
Also makes the comment makes sense.


Modified:
    
ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ExternalLoginKeysManager.java

Modified: 
ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ExternalLoginKeysManager.java
URL: 
http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ExternalLoginKeysManager.java?rev=1845497&r1=1845496&r2=1845497&view=diff
==============================================================================
--- 
ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ExternalLoginKeysManager.java
 (original)
+++ 
ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ExternalLoginKeysManager.java
 Thu Nov  1 16:29:08 2018
@@ -133,11 +133,10 @@ public class ExternalLoginKeysManager {
             GenericValue currentUserLogin = (GenericValue) 
session.getAttribute("userLogin");
             if (currentUserLogin != null) {
                 if 
(currentUserLogin.getString("userLoginId").equals(userLogin.getString("userLoginId")))
 {
-                    // Create a secured cookie the client cookie with the 
correct userLoginId
-                    LoginWorker.createSecuredLoginIdCookie(request, response);
-                    
                     // same user, just make sure the autoUserLogin is set to 
the same and that the client cookie has the correct userLoginId
                     LoginWorker.autoLoginSet(request, response);
+                    // Same for the SecuredLoginId cookie
+                    LoginWorker.createSecuredLoginIdCookie(request, response);
                     return "success";
                 }
 
@@ -147,6 +146,10 @@ public class ExternalLoginKeysManager {
             }
 
             LoginWorker.doBasicLogin(userLogin, request);
+
+            // Create a secured cookie with the correct userLoginId
+            LoginWorker.createSecuredLoginIdCookie(request, response);
+
         } else {
             Debug.logWarning("Could not find userLogin for external login key: 
" + externalKey, module);
         }

Reply via email to