Merge pull request #1 from mwoodiupui/patch-1-mark

Patch 1 amended with changes from Mark Wood
lap82 · Sep 27, 2013 · a474722 · a474722
2 parents 9fdbbf7 + 1f180e8
commit a474722
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 8 deletions.
diff --git a/dspace-xmlui/src/main/java/org/dspace/app/xmlui/cocoon/DSpaceCocoonServletFilter.java b/dspace-xmlui/src/main/java/org/dspace/app/xmlui/cocoon/DSpaceCocoonServletFilter.java
@@ -257,12 +257,17 @@ public void doFilter(ServletRequest request, ServletResponse response,
                     realResponse.sendRedirect(locationWithTrailingSlash);
                 }    
 	        // if force ssl is on and the user has authenticated and the request is not secure redirect to https
-                else if ((ConfigurationManager.getBooleanProperty("xmlui.force.ssl")) && (realRequest.getSession().getAttribute("dspace.user.effective")!=null) && (!realRequest.isSecure())) {
-	                StringBuffer location = new StringBuffer("https://");
-	                location.append(ConfigurationManager.getProperty("dspace.hostname")).append(realRequest.getContextPath()).append(realRequest.getServletPath()).append(
-	                        realRequest.getQueryString() == null ? ""
-	                                : ("?" + realRequest.getQueryString()));
-	                realResponse.sendRedirect(location.toString());
+                else if ((ConfigurationManager.getBooleanProperty("xmlui.force.ssl"))
+                        && (AuthenticationUtil.isLoggedIn(realRequest))
+                        && (!realRequest.isSecure()))
+                {
+                    StringBuffer location = new StringBuffer("https://");
+                    location.append(ConfigurationManager.getProperty("dspace.hostname"))
+                            .append(realRequest.getContextPath())
+                            .append(realRequest.getServletPath())
+                            .append(realRequest.getQueryString() == null ? ""
+                                    : ("?" + realRequest.getQueryString()));
+                    realResponse.sendRedirect(location.toString());
 	        }
                 else
                 {   // invoke the next filter

diff --git a/dspace-xmlui/src/main/java/org/dspace/app/xmlui/cocoon/MetadataExportReader.java b/dspace-xmlui/src/main/java/org/dspace/app/xmlui/cocoon/MetadataExportReader.java
@@ -142,7 +142,7 @@ else if(dso.getType() == Constants.COMMUNITY)
                      *
                      */
 
-                   if(this.request.getSession().getAttribute("dspace.current.user.id")!=null) {
+                   if(AuthenticationUtil.isLoggedIn(request)) {
                       String redictURL = request.getContextPath() + "/restricted-resource";
                         HttpServletResponse httpResponse = (HttpServletResponse)
             		objectModel.get(HttpEnvironment.HTTP_RESPONSE_OBJECT);

diff --git a/dspace-xmlui/src/main/java/org/dspace/app/xmlui/utils/AuthenticationUtil.java b/dspace-xmlui/src/main/java/org/dspace/app/xmlui/utils/AuthenticationUtil.java
@@ -613,5 +613,14 @@ public static HttpServletRequest resumeRequest(HttpServletRequest realHttpReques
     	// Otherwise return the real request.
     	return realHttpRequest;
     }
-
+
+    /**
+     * Has this user authenticated?
+     * @param request
+     * @return true if request is in a session having a user ID.
+     */
+    public static boolean isLoggedIn(HttpServletRequest request)
+    {
+        return (null != request.getSession().getAttribute(EFFECTIVE_USER_ID));
+    }
 }