Merge pull request #488 from lahirue/AuthFramework2

IDENTITY-4888 Authentication framework is not properly handle
wso2 · Aug 5, 2016 · 9140f7c · 9140f7c
2 parents fd62979 + d42d999
commit 9140f7c
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 1 deletion.
diff --git a/...so2/carbon/identity/application/authentication/framework/config/model/SequenceConfig.java b/...so2/carbon/identity/application/authentication/framework/config/model/SequenceConfig.java
@@ -139,4 +139,27 @@ public void setAuthenticatedReqPathAuthenticator(
             AuthenticatorConfig authenticatedReqPathAuthenticator) {
         this.authenticatedReqPathAuthenticator = authenticatedReqPathAuthenticator;
     }
+
+    /**
+     * This method will clone current class objects
+     * This method is to solve the issue - multiple requests for same user/SP
+     *
+     * @return SequenceConfig object
+     */
+    public SequenceConfig cloneObject() {
+        SequenceConfig sequenceConfig = new SequenceConfig();
+        sequenceConfig.setName(this.getName());
+        sequenceConfig.setForceAuthn(this.isForceAuthn());
+        sequenceConfig.setCheckAuthn(this.isCheckAuthn());
+        sequenceConfig.setApplicationId(this.getApplicationId());
+        sequenceConfig.setStepMap(this.getStepMap());
+        sequenceConfig.setReqPathAuthenticators(this.getReqPathAuthenticators());
+        sequenceConfig.setApplicationConfig(this.getApplicationConfig());
+        sequenceConfig.setCompleted(this.isCompleted());
+        sequenceConfig.setAuthenticatedUser(this.getAuthenticatedUser());
+        sequenceConfig.setAuthenticatedIdPs(this.getAuthenticatedIdPs());
+        sequenceConfig.setAuthenticatedReqPathAuthenticator(this.getAuthenticatedReqPathAuthenticator());
+        return sequenceConfig;
+    }
+
 }
diff --git a/.../application/authentication/framework/handler/request/impl/DefaultRequestCoordinator.java b/.../application/authentication/framework/handler/request/impl/DefaultRequestCoordinator.java
@@ -339,7 +339,7 @@ protected void findPreviousAuthenticatedSession(HttpServletRequest request,
                     }
 
                     context.setPreviousSessionFound(true);
-                    sequenceConfig = previousAuthenticatedSeq;
+                    sequenceConfig = previousAuthenticatedSeq.cloneObject();
                     AuthenticatedUser authenticatedUser = sequenceConfig.getAuthenticatedUser();
                     String authenticatedUserTenantDomain = sequenceConfig.getAuthenticatedUser().getTenantDomain();