86163: Feedback on Shibboleth changes

dspace-api/src/main/java/org/dspace/authenticate/AuthenticationServiceImpl.java

@@ -194,6 +194,7 @@ public class AuthenticationServiceImpl implements AuthenticationService {
         return getAuthenticationMethodStack().iterator();
     }
 
+    @Override
     public String getAuthenticationMethod(final Context context, final HttpServletRequest request) {
         final Iterator<AuthenticationMethod> authenticationMethodIterator = authenticationMethodIterator();
 

dspace-api/src/main/java/org/dspace/authenticate/LDAPAuthentication.java

@@ -264,7 +264,7 @@ public class LDAPAuthentication
 
             if (ldap.ldapAuthenticate(dn, password, context)) {
                 context.setCurrentUser(eperson);
-                request.getSession().setAttribute(LDAP_AUTHENTICATED, true);
+                request.setAttribute(LDAP_AUTHENTICATED, true);
 
                 // assign user to groups based on ldap dn
                 assignGroups(dn, ldap.ldapGroup, context);
@@ -315,7 +315,7 @@ public class LDAPAuthentication
                             context.dispatchEvents();
                             context.restoreAuthSystemState();
                             context.setCurrentUser(eperson);
-                            request.getSession().setAttribute(LDAP_AUTHENTICATED, true);
+                            request.setAttribute(LDAP_AUTHENTICATED, true);
 
 
                             // assign user to groups based on ldap dn
@@ -347,7 +347,7 @@ public class LDAPAuthentication
                                     ePersonService.update(context, eperson);
                                     context.dispatchEvents();
                                     context.setCurrentUser(eperson);
-                                    request.getSession().setAttribute(LDAP_AUTHENTICATED, true);
+                                    request.setAttribute(LDAP_AUTHENTICATED, true);
 
 
                                     // assign user to groups based on ldap dn
@@ -747,7 +747,7 @@ public class LDAPAuthentication
     public boolean isUsed(final Context context, final HttpServletRequest request) {
         if (request != null &&
                 context.getCurrentUser() != null &&
-                request.getSession().getAttribute(LDAP_AUTHENTICATED) != null) {
+                request.getAttribute(LDAP_AUTHENTICATED) != null) {
             return true;
         }
         return false;

dspace-api/src/main/java/org/dspace/authenticate/PasswordAuthentication.java

@@ -220,7 +220,7 @@ public class PasswordAuthentication
                 // login is ok if password matches:
                 context.setCurrentUser(eperson);
                 if (request != null) {
-                    request.getSession().setAttribute(PASSWORD_AUTHENTICATED, true);
+                    request.setAttribute(PASSWORD_AUTHENTICATED, true);
                 }
                 log.info(LogHelper.getHeader(context, "authenticate", "type=PasswordAuthentication"));
                 return SUCCESS;
@@ -259,7 +259,7 @@ public class PasswordAuthentication
     public boolean isUsed(final Context context, final HttpServletRequest request) {
         if (request != null &&
                 context.getCurrentUser() != null &&
-                request.getSession().getAttribute(PASSWORD_AUTHENTICATED) != null) {
+                request.getAttribute(PASSWORD_AUTHENTICATED) != null) {
             return true;
         }
         return false;

dspace-api/src/main/java/org/dspace/authenticate/ShibAuthentication.java

@@ -235,7 +235,7 @@ public class ShibAuthentication implements AuthenticationMethod {
 
             // Step 4: Log the user in.
             context.setCurrentUser(eperson);
-            request.getSession().setAttribute("shib.authenticated", true);
+            request.setAttribute("shib.authenticated", true);
             AuthenticateServiceFactory.getInstance().getAuthenticationService().initEPerson(context, request, eperson);
 
             log.info(eperson.getEmail() + " has been authenticated via shibboleth.");
@@ -403,7 +403,7 @@ public class ShibAuthentication implements AuthenticationMethod {
 
             // Cache the special groups, so we don't have to recalculate them again
             // for this session.
-            request.getSession().setAttribute("shib.specialgroup", groupIds);
+            request.setAttribute("shib.specialgroup", groupIds);
 
             return new ArrayList<>(groups);
         } catch (Throwable t) {
@@ -1287,7 +1287,7 @@ public class ShibAuthentication implements AuthenticationMethod {
     public boolean isUsed(final Context context, final HttpServletRequest request) {
         if (request != null &&
                 context.getCurrentUser() != null &&
-                request.getSession().getAttribute("shib.authenticated") != null) {
+                request.getAttribute("shib.authenticated") != null) {
             return true;
         }
         return false;

dspace-api/src/main/java/org/dspace/authenticate/X509Authentication.java

@@ -546,7 +546,7 @@ public class X509Authentication implements AuthenticationMethod {
                         context.dispatchEvents();
                         context.restoreAuthSystemState();
                         context.setCurrentUser(eperson);
-                        request.getSession().setAttribute(X509_AUTHENTICATED, true);
+                        request.setAttribute(X509_AUTHENTICATED, true);
                         setSpecialGroupsFlag(request, email);
                         return SUCCESS;
                     } else {
@@ -603,7 +603,7 @@ public class X509Authentication implements AuthenticationMethod {
     public boolean isUsed(final Context context, final HttpServletRequest request) {
         if (request != null &&
                 context.getCurrentUser() != null &&
-                request.getSession().getAttribute(X509_AUTHENTICATED) != null) {
+                request.getAttribute(X509_AUTHENTICATED) != null) {
             return true;
         }
         return false;