Store spring authentication in security context

If user is successfully logged in, store authentication in security context else redirect to login page.

Store spring authentication in security context
If user is successfully logged in, store authentication in security context else redirect to login page.
9c0f7753 · Paul-Christian Volkmer · c67e4512 · 9c0f7753
Commit 9c0f7753 authored 11 years ago by Paul-Christian Volkmer
--- a/src/main/java/de/thm/arsnova/controller/LoginController.java
+++ b/src/main/java/de/thm/arsnova/controller/LoginController.java
@@ -176,13 +176,18 @@ public class LoginController extends AbstractController {
 			Authentication token = new UsernamePasswordAuthenticationToken(user, password, getAuthorities());
 			try {
 				Authentication auth = ldapAuthenticationProvider.authenticate(token);
+				if (auth.isAuthenticated()) {
+					SecurityContextHolder.getContext().setAuthentication(token);
+					request.getSession(true).setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
+							SecurityContextHolder.getContext());
+					return new RedirectView("/#auth/checkLogin");
+				}
 				LOGGER.info("LDAPLOGIN: {}", auth.isAuthenticated());
-				return new RedirectView(referer + "#auth/checkLogin");
 			}
 			catch (AuthenticationException e) {
 				LOGGER.info("No LDAP login: {}", e);
-				return new RedirectView("/login.html");
 			}
+			return new RedirectView("/login.html");
 		}
 		return null;
 	}