Merge pull request #1 from mwoodiupui/patch-1-mark

Patch 1 amended with changes from Mark Wood
2025-10-07 01:54:22 +00:00 · 2013-09-27 10:34:43 -07:00
parent 9fdbbf790d 1f180e8a7b
commit a474722e77
3 changed files with 22 additions and 8 deletions
--- a/dspace-xmlui/src/main/java/org/dspace/app/xmlui/cocoon/DSpaceCocoonServletFilter.java
+++ b/dspace-xmlui/src/main/java/org/dspace/app/xmlui/cocoon/DSpaceCocoonServletFilter.java
@@ -257,12 +257,17 @@ public class DSpaceCocoonServletFilter implements Filter
                    realResponse.sendRedirect(locationWithTrailingSlash);
                }    
 	        // if force ssl is on and the user has authenticated and the request is not secure redirect to https
-                else if ((ConfigurationManager.getBooleanProperty("xmlui.force.ssl")) && (realRequest.getSession().getAttribute("dspace.user.effective")!=null) && (!realRequest.isSecure())) {
-	                StringBuffer location = new StringBuffer("https://");
-	                location.append(ConfigurationManager.getProperty("dspace.hostname")).append(realRequest.getContextPath()).append(realRequest.getServletPath()).append(
-	                        realRequest.getQueryString() == null ? ""
-	                                : ("?" + realRequest.getQueryString()));
-	                realResponse.sendRedirect(location.toString());
+                else if ((ConfigurationManager.getBooleanProperty("xmlui.force.ssl"))
+                        && (AuthenticationUtil.isLoggedIn(realRequest))
+                        && (!realRequest.isSecure()))
+                {
+                    StringBuffer location = new StringBuffer("https://");
+                    location.append(ConfigurationManager.getProperty("dspace.hostname"))
+                            .append(realRequest.getContextPath())
+                            .append(realRequest.getServletPath())
+                            .append(realRequest.getQueryString() == null ? ""
+                                    : ("?" + realRequest.getQueryString()));
+                    realResponse.sendRedirect(location.toString());
 	        }
                else
                {   // invoke the next filter
--- a/dspace-xmlui/src/main/java/org/dspace/app/xmlui/cocoon/MetadataExportReader.java
+++ b/dspace-xmlui/src/main/java/org/dspace/app/xmlui/cocoon/MetadataExportReader.java
@@ -142,7 +142,7 @@ public class MetadataExportReader extends AbstractReader implements Recyclable
                     *
                     */

-                   if(this.request.getSession().getAttribute("dspace.current.user.id")!=null) {
+                   if(AuthenticationUtil.isLoggedIn(request)) {
                      String redictURL = request.getContextPath() + "/restricted-resource";
                        HttpServletResponse httpResponse = (HttpServletResponse)
            		objectModel.get(HttpEnvironment.HTTP_RESPONSE_OBJECT);
--- a/dspace-xmlui/src/main/java/org/dspace/app/xmlui/utils/AuthenticationUtil.java
+++ b/dspace-xmlui/src/main/java/org/dspace/app/xmlui/utils/AuthenticationUtil.java
@@ -613,5 +613,14 @@ public class AuthenticationUtil
    	// Otherwise return the real request.
    	return realHttpRequest;
    }
-    
+
+    /**
+     * Has this user authenticated?
+     * @param request
+     * @return true if request is in a session having a user ID.
+     */
+    public static boolean isLoggedIn(HttpServletRequest request)
+    {
+        return (null != request.getSession().getAttribute(EFFECTIVE_USER_ID));
+    }
 }