<%@ include file="/common/taglibs.jsp"%>
<%@page import="org.springframework.web.context.request.SessionScope"%>
<%@ page import="org.lamsfoundation.lams.util.Configuration"%>
<%@ page import="org.lamsfoundation.lams.util.ConfigurationKeys"%>
<%@ page import="org.lamsfoundation.lams.web.session.SessionManager"%>
<%@ page import="org.lamsfoundation.lams.usermanagement.dto.UserDTO"%>
<%=Configuration.get(ConfigurationKeys.FORGOT_YOUR_PASSWORD_LINK_ENABLE)%>
<%-- If login param is empty, this is a regular, manual login page.
Otherwise it is a just an almost empty redirect page for integrations and LoginAs authentication.
--%>
<%-- Optional Module Placeholder - do not remove --%>
<fmt:message key="title.login.window" />
<%-- This is version for integrations and LoginAs authentication. --%>
<%
// invalidate session so a new user can be logged in
HttpSession hs = SessionManager.getSession();
Boolean isSignup = false;
if (hs != null) {
UserDTO userDTO = null;
try {
userDTO = (UserDTO) hs.getAttribute("user");
} catch (Exception e) {
// something is wrong, so try to invalidate the session
try {
hs.invalidate();
} catch (Exception e1){
// do nothing if invalidation fails
}
}
if (userDTO != null && !userDTO.getLogin().equals(request.getAttribute("login"))) {
isSignup = (Boolean) hs.getAttribute("isSignup");
// remove session from mapping
SessionManager.removeSessionByLogin(userDTO.getLogin(), true);
// tell SsoHandler about some previous session settings
hs = request.getSession();
hs.setAttribute("isSignup", isSignup);
hs.setAttribute("isLoginAs", request.getAttribute("isLoginAs"));
}
}
hs = request.getSession();
hs.setAttribute("isIntegrationLogin", isSignup == null || !isSignup);
%>