CorrelationAuthenticationSuccessHandler shouldn't analyse mp principa…

…l since the owner isn't set to mpPrincipal anymore
Evolveum · Aug 21, 2023 · 6df9739 · 6df9739
1 parent 6072ea5
commit 6df9739
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 6 deletions.
diff --git a/...src/main/java/com/evolveum/midpoint/authentication/impl/filter/AuthenticationWrapper.java b/...src/main/java/com/evolveum/midpoint/authentication/impl/filter/AuthenticationWrapper.java
@@ -285,7 +285,8 @@ private List<AuthModule<?>> createAuthenticationModuleBySequence(MidpointAuthent
             HttpServletRequest httpRequest) {
         List<AuthModule<?>> authModules;
         boolean processingDifferentSequence = processingDifferentAuthenticationSequence(mpAuthentication, this.sequence);
-        if (processingDifferentSequence || sequence.getModule().size() != mpAuthentication.getSequence().getModule().size()) {
+        if (processingDifferentSequence || sequence.getModule().size() != mpAuthentication.getSequence().getModule().size()
+                || StringUtils.isNotEmpty(mpAuthentication.getArchetypeOid())) {
             authenticationManager.getProviders().clear();
             //noinspection unchecked
             authModules = new AuthenticationSequenceModuleCreator<>(
@@ -300,6 +301,7 @@ private List<AuthModule<?>> createAuthenticationModuleBySequence(MidpointAuthent
             if (processingDifferentSequence) {
                 clearAuthentication(httpRequest);
             }
+            updateMidpointAuthenticationModules(authModules, mpAuthentication);
         } else {
             authModules = mpAuthentication.getAuthModules();
         }
@@ -311,6 +313,13 @@ private boolean processingDifferentAuthenticationSequence(MidpointAuthentication
         return mpAuthentication == null || !sequenceIdentifiersMatch(sequence, mpAuthentication.getSequence());
     }
 
+    private void updateMidpointAuthenticationModules(List<AuthModule<?>> authModules, MidpointAuthentication mpAuthentication) {
+        if (mpAuthentication == null) {
+            return;
+        }
+        mpAuthentication.getAuthModules().clear();
+        mpAuthentication.setAuthModules(authModules);
+    }
 
     private void clearAuthentication(HttpServletRequest httpRequest) {
         Authentication oldAuthentication = SecurityContextHolder.getContext().getAuthentication();

diff --git a/...volveum/midpoint/authentication/impl/handler/CorrelationAuthenticationSuccessHandler.java b/...volveum/midpoint/authentication/impl/handler/CorrelationAuthenticationSuccessHandler.java
@@ -35,11 +35,11 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
         }
 
         ModuleAuthentication moduleAuthentication = mpAuthentication.getProcessingModuleAuthentication();
-        if (mpAuthentication.getPrincipal() instanceof MidPointPrincipal) {
-//            moduleAuthentication.setState(AuthenticationModuleState.SUCCESSFULLY);
-            super.onAuthenticationSuccess(request, response, authentication);
-            return;
-        }
+//        if (mpAuthentication.getPrincipal() instanceof MidPointPrincipal) {
+////            moduleAuthentication.setState(AuthenticationModuleState.SUCCESSFULLY);
+//            super.onAuthenticationSuccess(request, response, authentication);
+//            return;
+//        }
 
 
         if (!(moduleAuthentication instanceof CorrelationModuleAuthenticationImpl correlationModuleAuthentication)) {