b94137a4592d7f8fdfa015af9241df5b749153bd,plugins/jetty8/src/main/java/org/apache/cxf/fediz/jetty8/FederationAuthenticator.java,FederationAuthenticator,validateRequest,#ServletRequest#ServletResponse#boolean#,152

Before Change


                        LOG.debug("WSFED authentication FAILED");
                    }
                    if (response != null) {
                        response.sendError(HttpServletResponse.SC_FORBIDDEN);
                    }

                }

After Change


                            // Check the context
                            String savedContext = (String) session.getAttribute(J_CONTEXT);
                            String receivedContext = request.getParameter(FederationConstants.PARAM_CONTEXT);
                            if (savedContext == null || !savedContext.equals(receivedContext)) {
                                LOG.warn("The received wctx parameter does not match the saved value");
                                response.sendError(HttpServletResponse.SC_FORBIDDEN);
                                return Authentication.UNAUTHENTICATED;
                            }
                            
                            nuri = (String) session.getAttribute(J_URI);

                            if (nuri == null || nuri.length() == 0)
                            {
                                nuri = request.getContextPath();
                                if (nuri.length() == 0) { 
                                    nuri = URIUtil.SLASH;
                                }
                            }
                            Authentication cached=new SessionAuthentication(getAuthMethod(), user, wfRes);
                            session.setAttribute(SessionAuthentication.__J_AUTHENTICATED, cached);
                        }
                        
                        FederationUserIdentity fui = (FederationUserIdentity)user;
                        session.setAttribute(SECURITY_TOKEN_ATTR, fui.getToken());
                        
                        response.setContentLength(0);   
                        response.sendRedirect(response.encodeRedirectURL(nuri));

                        return new FederationAuthentication(getAuthMethod(), user);
                    }

                    // not authenticated
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("WSFED authentication FAILED");
                    }
                    if (response != null) {
                        response.sendError(HttpServletResponse.SC_FORBIDDEN);
                        return Authentication.UNAUTHENTICATED;
                    }
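Review bot: The new wctx check at `if (savedContext == null || !savedContext.equals(receivedContext))` leaves the saved value in the session after a successful match, at least in the lines shown, so the same wctx would still be accepted on a later sign-in response for that session. Consider adding `session.removeAttribute(J_CONTEXT);` right after the check passes so the value is single-use. The rejection branch also calls `response.sendError(HttpServletResponse.SC_FORBIDDEN)` without the `response != null` guard that the "not authenticated" path further down uses, so the two paths are inconsistent. The block containing the check opens above the visible lines, so it cannot be confirmed from here whether J_CONTEXT is cleared elsewhere or whether some requests bypass the check. A short comment above the check, such as `// wctx must match the value stored when this session started the sign-in request`, would make the intent clear.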