diff --git a/src/main/java/edu/harvard/iq/dataverse/authorization/AuthFilter.java b/src/main/java/edu/harvard/iq/dataverse/authorization/AuthFilter.java index 3fb1b457ec4..6d5b6f5dbdf 100644 --- a/src/main/java/edu/harvard/iq/dataverse/authorization/AuthFilter.java +++ b/src/main/java/edu/harvard/iq/dataverse/authorization/AuthFilter.java @@ -82,7 +82,7 @@ public void doFilter(ServletRequest servletRequest, ServletResponse response, Fi logger.fine("Path: " + path); String sso = httpServletRequest.getParameter("sso"); //Going to / - if ((httpSession == null) || (httpSession.getAttribute("passiveChecked") == null) || (sso != null) || (ssoPath && httpSession.getAttribute("passiveChecked") != null)) { + if ((httpSession == null) || (httpSession.getAttribute("passiveChecked") == null) || (sso != null) || (ssoPath && httpSession.getAttribute("inSsoLoop") == null)) { if (httpSession != null) { logger.fine("check OIDC: " + httpSession.getAttribute("passiveChecked")); } @@ -106,7 +106,9 @@ public void doFilter(ServletRequest servletRequest, ServletResponse response, Fi httpSession = httpServletRequest.getSession(true); } httpSession.setAttribute("passiveChecked", true); - + if(ssoPath) { + httpSession.setAttribute("inSsoLoop", true); + } String remoteAddr = httpServletRequest.getRemoteAddr(); String requestUri = httpServletRequest.getRequestURI(); String userAgent = httpServletRequest.getHeader("User-Agent"); @@ -123,6 +125,7 @@ public void doFilter(ServletRequest servletRequest, ServletResponse response, Fi return; } else if (ssoPath) { + httpSession.removeAttribute("inSsoLoop"); HttpServletResponse httpServletResponse = (HttpServletResponse) response; httpServletResponse.setStatus(200); return;