fix: redirect-back after login

[gigi.git] / src / org / cacert / gigi / pages / LoginPage.java

diff --git a/src/org/cacert/gigi/pages/LoginPage.java b/src/org/cacert/gigi/pages/LoginPage.java
index 5232c09446733bfd3e8290fd200f44fa83f24a31..e4aa2e744ad008da66724da8278540dccdb07cfa 100644 (file)
--- a/src/org/cacert/gigi/pages/LoginPage.java
+++ b/src/org/cacert/gigi/pages/LoginPage.java
@@ -96,7 +96,7 @@ public class LoginPage extends Page {
     }
 
     private static String redirectPath(HttpServletRequest req) {
-        String redir = (String) req.getSession().getAttribute(LOGIN_RETURNPATH);
+        String redir = (String) req.getAttribute(LOGIN_RETURNPATH);
         String s = redir;
         if (s != null) {
             if ( !s.startsWith("/")) {
@@ -164,11 +164,11 @@ public class LoginPage extends Page {
     }
 
     public static String extractSerialFormCert(X509Certificate x509Certificate) {
-        return x509Certificate.getSerialNumber().toString(16).toUpperCase();
+        return x509Certificate.getSerialNumber().toString(16).toLowerCase();
     }
 
     public static User fetchUserBySerial(String serial) {
-        if ( !serial.matches("[A-Fa-f0-9]+")) {
+        if ( !serial.matches("[a-f0-9]+")) {
             throw new Error("serial malformed.");
         }
 
@@ -194,6 +194,7 @@ public class LoginPage extends Page {
         if (user.isInGroup(LOGIN_BLOCKED)) {
             return;
         }
+        req.setAttribute(LOGIN_RETURNPATH, req.getSession().getAttribute(LOGIN_RETURNPATH));
         req.getSession().invalidate();
         HttpSession hs = req.getSession();
         hs.setAttribute(LOGGEDIN, true);