Index: lams_common/src/java/org/lamsfoundation/lams/integration/security/SingleSignOn.java =================================================================== diff -u -ra6c811f76bb76ac536cfdd785679f2a3c16ca1ac -re9764755604aa0fd703226d3d36849a7bd0f1985 --- lams_common/src/java/org/lamsfoundation/lams/integration/security/SingleSignOn.java (.../SingleSignOn.java) (revision a6c811f76bb76ac536cfdd785679f2a3c16ca1ac) +++ lams_common/src/java/org/lamsfoundation/lams/integration/security/SingleSignOn.java (.../SingleSignOn.java) (revision e9764755604aa0fd703226d3d36849a7bd0f1985) @@ -112,14 +112,6 @@ request.setAuthType(entry.getAuthType()); request.setUserPrincipal(entry.getPrincipal()); } - } else if (!request.getRequestURI().endsWith(Constants.FORM_ACTION)) { - // if (log.isDebugEnabled()) - // log.debug(" No cached principal found, erasing SSO cookie"); - deregister(cookie.getValue()); - cookie = new Cookie(cookie.getName(), ""); - cookie.setPath("/"); - cookie.setMaxAge(0); - response.addCookie(cookie); } // Invoke the next Valve in our pipeline Index: lams_common/src/java/org/lamsfoundation/lams/web/session/SessionManager.java =================================================================== diff -u -ra6c811f76bb76ac536cfdd785679f2a3c16ca1ac -re9764755604aa0fd703226d3d36849a7bd0f1985 --- lams_common/src/java/org/lamsfoundation/lams/web/session/SessionManager.java (.../SessionManager.java) (revision a6c811f76bb76ac536cfdd785679f2a3c16ca1ac) +++ lams_common/src/java/org/lamsfoundation/lams/web/session/SessionManager.java (.../SessionManager.java) (revision e9764755604aa0fd703226d3d36849a7bd0f1985) @@ -176,29 +176,26 @@ public static void startSession(ServletRequest req, ServletResponse res) { Cookie ssoCookie = findCookie((HttpServletRequest) req, SystemSessionFilter.SSO_SESSION_COOKIE); String currentSessionId = null; - - if (ssoCookie == null) { - currentSessionId = (String) new UUIDHexGenerator().generate(null, null); - // create new session and set it into cookie - createSession(currentSessionId); - ssoCookie = createCookie((HttpServletResponse) res, SystemSessionFilter.SSO_SESSION_COOKIE, - currentSessionId); - SessionManager.log.debug("==>Creating new " + SystemSessionFilter.SSO_SESSION_COOKIE + " - " - + ssoCookie.getValue()); - } else { + if (ssoCookie != null) { currentSessionId = ssoCookie.getValue(); Object obj = getSession(currentSessionId); - // log.debug(ssoCookie.getName() + " cookie exists, value " + currentSessionId); + //log.debug(ssoCookie.getName() + " cookie exists, value " + currentSessionId); // if cookie exists, but session does not - usually means session expired. // delete the cookie first and set it to null in order to create a new one if (obj == null) { - log.debug(SystemSessionFilter.SSO_SESSION_COOKIE + " " + currentSessionId + log.debug(SystemSessionFilter.SSO_SESSION_COOKIE + " " + currentSessionId + " cookie exists, but corresponding session doesn't exist, removing cookie"); - removeCookie((HttpServletResponse) res, SystemSessionFilter.SSO_SESSION_COOKIE); - currentSessionId = null; + removeCookie((HttpServletResponse) res,SystemSessionFilter.SSO_SESSION_COOKIE); + ssoCookie = null; } } - + if (ssoCookie == null) { + currentSessionId = (String) new UUIDHexGenerator().generate(null, null); + // create new session and set it into cookie + createSession(currentSessionId); + ssoCookie = createCookie((HttpServletResponse) res, SystemSessionFilter.SSO_SESSION_COOKIE, currentSessionId); + SessionManager.log.debug("==>Creating new " + SystemSessionFilter.SSO_SESSION_COOKIE + " - " + ssoCookie.getValue()); + } Cookie cookie = findCookie((HttpServletRequest) req, SystemSessionFilter.SYS_SESSION_COOKIE); if (cookie == null) { @@ -209,7 +206,7 @@ session.invalidate(); } } - + setCurrentSessionId(currentSessionId); // reset session last access time SessionVisitor sessionVisitor = getSessionVisitor();