Commit 2913d186 authored by michael.simon's avatar michael.simon
Browse files

Always execute user_login_rule, even if user does not exist yet.

parent 85d377a4
......@@ -118,7 +118,8 @@ public class KnowledgeSessionServiceImpl implements KnowledgeSessionService {
throw new MisconfiguredApplicationException("Es ist keine valide Regel fuer den Benutzerzugriff konfiguriert");
ksession.setGlobal("logger", logger);
ksession.insert(user);
if (user != null)
ksession.insert(user);
ksession.insert(attributeMap);
ksession.insert(assertion);
ksession.insert(idp);
......
......@@ -104,6 +104,19 @@ public class Saml2PostHandlerServlet {
UserEntity user = userService.findByPersistentWithRoles(spConfig.getEntityId(),
idpEntity.getEntityId(), persistentId);
String userLoginRule = appConfig.getConfigValue("user_login_rule");
if (userLoginRule != null && (! "".equals(userLoginRule))) {
logger.debug("Checking User login rule {}", userLoginRule);
long start = System.currentTimeMillis();
knowledgeSessionService.checkRule(userLoginRule, user, attributeMap, assertion,
idpEntity, idpEntityDescriptor, spConfig);
long end = System.currentTimeMillis();
logger.debug("Rule processing took {} ms", end - start);
}
if (user == null) {
logger.info("New User detected, sending to register Page");
......@@ -117,21 +130,6 @@ public class Saml2PostHandlerServlet {
return;
}
String userLoginRule = appConfig.getConfigValue("user_login_rule");
if (userLoginRule == null || "".equals(userLoginRule)) {
userLoginRule = "default:permitAllRule:1.0.0";
}
logger.debug("Checking User login rule {}", userLoginRule);
long start = System.currentTimeMillis();
knowledgeSessionService.checkRule(userLoginRule, user, attributeMap, assertion,
idpEntity, idpEntityDescriptor, spConfig);
long end = System.currentTimeMillis();
logger.debug("Rule processing took {} ms", end - start);
logger.debug("Updating user {}", persistentId);
try {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment