Merge remote-tracking branch 'refs/remotes/origin/master'

Evolveum · Oct 2, 2023 · b5df130 · b5df130
2 parents e7d8ee4 + 56dcabd
commit b5df130
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 8 deletions.
diff --git a/...src/main/java/com/evolveum/midpoint/authentication/api/config/MidpointAuthentication.java b/...src/main/java/com/evolveum/midpoint/authentication/api/config/MidpointAuthentication.java
@@ -9,6 +9,7 @@
 import java.util.*;
 import java.util.stream.Stream;
 
+import com.evolveum.midpoint.schema.util.SecurityPolicyUtil;
 import com.evolveum.midpoint.util.logging.Trace;
 
 import com.evolveum.midpoint.util.logging.TraceManager;
@@ -577,6 +578,14 @@ public int resolveParallelModules(HttpServletRequest request, int actualIndex) {
     }
 
     public boolean isLast(ModuleAuthentication moduleAuthentication) {
+        SecurityPolicyType securityPolicy = resolveSecurityPolicyForPrincipal();
+        if (securityPolicy != null) {
+            int currentModulesSize = authModules.size();
+            AuthenticationSequenceType seq = SecurityPolicyUtil.findSequenceByIdentifier(securityPolicy, sequence.getIdentifier());
+            if (seq != null && currentModulesSize != seq.getModule().size()) {
+                return false;
+            }
+        }
         if (getAuthentications().isEmpty()) {
             return false;
         }

diff --git a/...java/com/evolveum/midpoint/authentication/impl/evaluator/AuthenticationEvaluatorImpl.java b/...java/com/evolveum/midpoint/authentication/impl/evaluator/AuthenticationEvaluatorImpl.java
@@ -95,8 +95,11 @@ protected <C extends AbstractAuthenticationContext> MidPointPrincipal getAndChec
         return principal;
     }
 
-    protected ProfileCompilerOptions createOptionForGettingPrincipal() {
-        return ProfileCompilerOptions.createOnlyPrincipalOption().collectAuthorization(true);
+    private ProfileCompilerOptions createOptionForGettingPrincipal() {
+        return ProfileCompilerOptions.createNotCompileGuiAdminConfiguration()
+                .collectAuthorization(true)
+                .locateSecurityPolicy(true)
+                .tryReusingSecurityPolicy(true);
     }
 
     protected boolean hasNoAuthorizations(MidPointPrincipal principal) {

diff --git a/...olveum/midpoint/authentication/impl/evaluator/CredentialsAuthenticationEvaluatorImpl.java b/...olveum/midpoint/authentication/impl/evaluator/CredentialsAuthenticationEvaluatorImpl.java
@@ -303,10 +303,4 @@ public AuthenticationAttemptDataType getAuthenticationData(MidPointPrincipal pri
         return AuthUtil.findAuthAttemptDataForModule(connectionEnvironment, principal);
     }
 
-    @Override
-    protected ProfileCompilerOptions createOptionForGettingPrincipal() {
-        return ProfileCompilerOptions.createNotCompileGuiAdminConfiguration()
-                .collectAuthorization(true)
-                .locateSecurityPolicy(true);
-    }
 }