external authentication -> revoke consent
Jochen Barth
barth at ub.uni-heidelberg.de
Fri Jun 24 04:38:05 EDT 2016
Dear reader,
we're trying to get our external authentication with option to revoke
consent running.
Everythings works fine till we check "revoke consent" -- then we're
getting a blank page. No errors are logged.
Here are the last few lines of our code:
// without condition, just for testing:
httpRequest.setAttribute(ExternalAuthentication.REVOKECONSENT_KEY,
java.lang.Boolean.TRUE);
//
AuthenticationEngine.returnToAuthenticationEngine(httpRequest,
httpResponse);
ExternalAuthentication.finishExternalAuthentication(EA_sEA,
httpRequest, httpResponse);
} catch (final ExternalAuthenticationException e) {
throw new ServletException("Error processing ShibExtAuth
authentication request", e);
}
catch(Exception e) {
logger.error("re-throwing exception ", e);
}
}
}
Look very similar to the end of
idp-authn-impl/src/main/java/net/shibboleth/idp/authn/impl/X509AuthServlet.java
svn diff -r 7587:head
idp-authn-impl/src/main/java/net/shibboleth/idp/authn/impl/ExternalAuthenticationImpl.java
seems to indicate, that before 7587 response.sendRedirect() was done
always(?)
attr = request.getAttribute(REVOKECONSENT_KEY);
if (attr != null && attr instanceof Boolean && ((Boolean)
attr).booleanValue()) {
- response.sendRedirect(extContext.getFlowExecutionUrl()
- + "&" +
ProfileInterceptorFlowDescriptor.REVOKE_CONSENT_PARAM + "=1");
+ final ConsentManagementContext consentCtx =
+
getProfileRequestContext(request).getSubcontext(ConsentManagementContext.class,
true);
+ consentCtx.setRevokeConsent(true);
} else {
response.sendRedirect(extContext.getFlowExecutionUrl());
}
Thanks + Kind regards,
Jochen
--
J. Barth * IT, Universitaetsbibliothek Heidelberg * 06221 / 54-2580
More information about the users
mailing list