import java.io.PrintWriter;
import java.math.BigInteger;
import java.security.cert.X509Certificate;
import java.io.PrintWriter;
import java.math.BigInteger;
import java.security.cert.X509Certificate;
import club.wpia.gigi.GigiApiException;
import club.wpia.gigi.database.GigiPreparedStatement;
import club.wpia.gigi.database.GigiResultSet;
import club.wpia.gigi.GigiApiException;
import club.wpia.gigi.database.GigiPreparedStatement;
import club.wpia.gigi.database.GigiResultSet;
import club.wpia.gigi.dbObjects.CertificateOwner;
import club.wpia.gigi.dbObjects.Group;
import club.wpia.gigi.dbObjects.User;
import club.wpia.gigi.dbObjects.CertificateOwner;
import club.wpia.gigi.dbObjects.Group;
import club.wpia.gigi.dbObjects.User;
private void tryAuthWithCertificate(HttpServletRequest req, X509Certificate x509Certificate) {
BigInteger serial = extractSerialFormCert(x509Certificate);
private void tryAuthWithCertificate(HttpServletRequest req, X509Certificate x509Certificate) {
BigInteger serial = extractSerialFormCert(x509Certificate);
- loginSession(req, user);
+ if (c.getExpiryDate().before(new Date()) || c.getRevocationDate() != null || c.isLoginEnabled() == false) {
+ return;
+ }
+ loginSession(req, user, true);
req.getSession().setAttribute(CERT_SERIAL, serial);
req.getSession().setAttribute(CERT_ISSUER, x509Certificate.getIssuerDN());
req.getSession().setAttribute(LOGIN_METHOD, new TranslateCommand("Certificate"));
req.getSession().setAttribute(CERT_SERIAL, serial);
req.getSession().setAttribute(CERT_ISSUER, x509Certificate.getIssuerDN());
req.getSession().setAttribute(LOGIN_METHOD, new TranslateCommand("Certificate"));
HttpSession hs = req.getSession();
hs.setAttribute(LOGGEDIN, true);
hs.setAttribute(Language.SESSION_ATTRIB_NAME, user.getPreferredLocale());
HttpSession hs = req.getSession();
hs.setAttribute(LOGGEDIN, true);
hs.setAttribute(Language.SESSION_ATTRIB_NAME, user.getPreferredLocale());
- hs.setAttribute(AUTH_CONTEXT, new AuthorizationContext(user, user));
+ hs.setAttribute(AUTH_CONTEXT, new AuthorizationContext(user, user, isStronglyAuthenticated));