diff --git a/org.adempiere.base/src/org/adempiere/base/sso/ISSOPrincipalService.java b/org.adempiere.base/src/org/adempiere/base/sso/ISSOPrincipalService.java index 674a249fa2..ea41ab3d2d 100644 --- a/org.adempiere.base/src/org/adempiere/base/sso/ISSOPrincipalService.java +++ b/org.adempiere.base/src/org/adempiere/base/sso/ISSOPrincipalService.java @@ -27,7 +27,7 @@ public interface ISSOPrincipalService { public static final String SSO_PRINCIPAL_SESSION_TOKEN = "sso.principal.token"; - public static final String SSO_ZOOM_PARAM = "sso.zoom.param"; + public static final String SSO_QUERY_STRING = "sso.query.string"; public static final String SSO_ADMIN_LOGIN = "sso.admin.login"; /** diff --git a/org.adempiere.base/src/org/compiere/util/Login.java b/org.adempiere.base/src/org/compiere/util/Login.java index 85c582a9bc..6562c40c8e 100644 --- a/org.adempiere.base/src/org/compiere/util/Login.java +++ b/org.adempiere.base/src/org/compiere/util/Login.java @@ -1362,10 +1362,10 @@ public class Login ISSOPrincipalService ssoPrincipal = SSOUtils.getSSOPrincipalService(); where.append(" AND EXISTS (SELECT * FROM AD_User u ") .append(" INNER JOIN AD_Client c ON (u.AD_Client_ID = c.AD_Client_ID) ") - .append(" WHERE COALESCE(u.AuthenticationType, c.AuthenticationType) IN "); + .append(" WHERE (COALESCE(u.AuthenticationType, c.AuthenticationType) IN "); //If Enable_SSO=N then don't allow SSO only users. where.append((isSSOEnable && ssoPrincipal != null && isSSOLogin) ? " ('SSO', 'AAS') " : " ('APO', 'AAS') "); - where.append(" OR COALESCE(u.AuthenticationType, c.AuthenticationType) IS NULL AND u.AD_User_ID = AD_User.AD_User_ID) "); + where.append(" OR COALESCE(u.AuthenticationType, c.AuthenticationType) IS NULL) AND u.AD_User_ID = AD_User.AD_User_ID) "); String whereRoleType = MRole.getWhereRoleType(roleTypes, "r"); where.append(" AND") diff --git a/org.adempiere.eclipse.equinox.http.servlet/src/org/adempiere/eclipse/equinox/http/servlet/BridgeFilter.java b/org.adempiere.eclipse.equinox.http.servlet/src/org/adempiere/eclipse/equinox/http/servlet/BridgeFilter.java index edf03add6a..f0714d9ff2 100644 --- a/org.adempiere.eclipse.equinox.http.servlet/src/org/adempiere/eclipse/equinox/http/servlet/BridgeFilter.java +++ b/org.adempiere.eclipse.equinox.http.servlet/src/org/adempiere/eclipse/equinox/http/servlet/BridgeFilter.java @@ -85,7 +85,8 @@ public class BridgeFilter extends BridgeServlet implements Filter { // Use authentication code to get token String currentUri = req.getRequestURL().toString(); m_SSOPrincipal.getAuthenticationToken(req, resp, SSOUtils.SSO_MODE_OSGI); - resp.sendRedirect(currentUri); + if (!resp.isCommitted()) + resp.sendRedirect(currentUri); } else if (!m_SSOPrincipal.isAuthenticated(req, resp)) { // Redirect to SSO sing in page for authentication m_SSOPrincipal.redirectForAuthentication(req, resp, SSOUtils.SSO_MODE_OSGI); diff --git a/org.adempiere.server/src/main/servlet/org/compiere/web/AdempiereMonitorFilter.java b/org.adempiere.server/src/main/servlet/org/compiere/web/AdempiereMonitorFilter.java index 3f063423de..896937c4a5 100644 --- a/org.adempiere.server/src/main/servlet/org/compiere/web/AdempiereMonitorFilter.java +++ b/org.adempiere.server/src/main/servlet/org/compiere/web/AdempiereMonitorFilter.java @@ -110,7 +110,8 @@ public class AdempiereMonitorFilter implements Filter // Use authentication code get get token String currentUri = req.getRequestURL().toString(); m_SSOPrincipal.getAuthenticationToken(req, resp, SSOUtils.SSO_MODE_MONITOR); - resp.sendRedirect(currentUri); + if (!resp.isCommitted()) + resp.sendRedirect(currentUri); } else if (!m_SSOPrincipal.isAuthenticated(req, resp)) { // Redirect to SSO sing in page for authentication m_SSOPrincipal.redirectForAuthentication(req, resp, SSOUtils.SSO_MODE_MONITOR); diff --git a/org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/sso/filter/SSOWebUIFilter.java b/org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/sso/filter/SSOWebUIFilter.java index 6a23fc4886..49ae97723c 100644 --- a/org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/sso/filter/SSOWebUIFilter.java +++ b/org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/sso/filter/SSOWebUIFilter.java @@ -102,16 +102,19 @@ public class SSOWebUIFilter implements Filter String currentUri = httpRequest.getRequestURL().toString(); m_SSOPrincipal.getAuthenticationToken(httpRequest, httpResponse, SSOUtils.SSO_MODE_WEBUI); - // Redirect to default request URL after authentication and handle zoom. - Object zoomPara = httpRequest.getSession().getAttribute(ISSOPrincipalService.SSO_ZOOM_PARAM); - if (zoomPara != null && !Util.isEmpty((String) zoomPara)) - currentUri += "?" + (String) zoomPara; - httpResponse.sendRedirect(currentUri); - httpRequest.getSession().removeAttribute(ISSOPrincipalService.SSO_ZOOM_PARAM); + if (!httpResponse.isCommitted()) + { + // Redirect to default request URL after authentication and handle query string. + Object queryString = httpRequest.getSession().getAttribute(ISSOPrincipalService.SSO_QUERY_STRING); + if (queryString != null && queryString instanceof String && !Util.isEmpty((String) queryString)) + currentUri += "?" + (String) queryString; + httpRequest.getSession().removeAttribute(ISSOPrincipalService.SSO_QUERY_STRING); + httpResponse.sendRedirect(currentUri); + } } else if (!m_SSOPrincipal.isAuthenticated(httpRequest, httpResponse)) { - httpRequest.getSession().setAttribute(ISSOPrincipalService.SSO_ZOOM_PARAM, httpRequest.getQueryString()); + httpRequest.getSession().setAttribute(ISSOPrincipalService.SSO_QUERY_STRING, httpRequest.getQueryString()); // Redirect to SSO sing in page for authentication m_SSOPrincipal.redirectForAuthentication(httpRequest, httpResponse, SSOUtils.SSO_MODE_WEBUI); return;