Commit 8066f865a8036416f09641e970eb507e567af3f5
1 parent
dcdd0de2
Exists in
master
Reparado bug no logout, método "logout" da classe "HttpServletRequest"
não estava sendo chamado.
Showing
1 changed file
with
8 additions
and
2 deletions
Show diff stats
impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/ServletAuthenticator.java
| ... | ... | @@ -58,8 +58,9 @@ public class ServletAuthenticator implements Authenticator { |
| 58 | 58 | @Override |
| 59 | 59 | public void authenticate() throws AuthenticationException { |
| 60 | 60 | try { |
| 61 | - getRequest().login(getCredentials().getUsername(), getCredentials().getPassword()); | |
| 62 | - | |
| 61 | + if (this.getUser()==null){ | |
| 62 | + getRequest().login(getCredentials().getUsername(), getCredentials().getPassword()); | |
| 63 | + } | |
| 63 | 64 | } catch (ServletException cause) { |
| 64 | 65 | throw new AuthenticationException(getBundle().getString("authentication-failed"), cause); |
| 65 | 66 | } |
| ... | ... | @@ -68,6 +69,11 @@ public class ServletAuthenticator implements Authenticator { |
| 68 | 69 | @Override |
| 69 | 70 | public void unAuthenticate() { |
| 70 | 71 | getCredentials().clear(); |
| 72 | + try { | |
| 73 | + getRequest().logout(); | |
| 74 | + } catch (ServletException e) { | |
| 75 | + //Logout já havia sido efetuado | |
| 76 | + } | |
| 71 | 77 | getRequest().getSession().invalidate(); |
| 72 | 78 | } |
| 73 | 79 | ... | ... |