fix for redirect authenticated users from login pages

Evolveum · Dec 20, 2022 · dfd34ab · dfd34ab
1 parent 5200112
commit dfd34ab
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 4 deletions.
diff --git a/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/AbstractPageLogin.java b/gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/AbstractPageLogin.java
@@ -10,6 +10,8 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;
 
+import com.evolveum.midpoint.authentication.api.authorization.PageDescriptor;
+import com.evolveum.midpoint.authentication.api.config.ModuleAuthentication;
 import com.evolveum.midpoint.gui.api.page.PageAdminLTE;
 
 import com.evolveum.midpoint.web.component.menu.top.LocaleTextPanel;
@@ -152,16 +154,29 @@ private void showExceptionMessage() {
     @Override
     protected void onBeforeRender() {
         super.onBeforeRender();
-        confirmUserPrincipal();
+        confirmAuthentication();
     }
 
     @Override
     protected void onAfterRender() {
         super.onAfterRender();
     }
 
-    protected void confirmUserPrincipal() {
-        if (AuthUtil.getPrincipalUser() != null) {
+    protected void confirmAuthentication() {
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+        boolean loginPageForAnotherModule = false;
+        if (authentication instanceof MidpointAuthentication) {
+            PageDescriptor descriptor = getClass().getAnnotation(PageDescriptor.class);
+            if (descriptor != null && !descriptor.authModule().isEmpty()) {
+                ModuleAuthentication module = ((MidpointAuthentication) authentication).getProcessingModuleAuthentication();
+                if (module != null) {
+                    loginPageForAnotherModule = !module.getModuleTypeName().equals(descriptor.authModule());
+                }
+            }
+        }
+
+        if (authentication.isAuthenticated() || loginPageForAnotherModule) {
             MidPointApplication app = getMidpointApplication();
             throw new RestartResponseException(app.getHomePage());
         }

diff --git a/...ava/com/evolveum/midpoint/gui/impl/page/login/AbstractPageRemoteAuthenticationSelect.java b/...ava/com/evolveum/midpoint/gui/impl/page/login/AbstractPageRemoteAuthenticationSelect.java
@@ -110,6 +110,6 @@ private List<IdentityProvider> getProviders() {
     protected abstract String getErrorKeyEmptyProviders();
 
     @Override
-    protected void confirmUserPrincipal() {
+    protected void confirmAuthentication() {
     }
 }