From fe26d37de0885ddab4d7eaaba6e0501b82226fb8 Mon Sep 17 00:00:00 2001
From: Daniel Haag <daniel.haag@uibk.ac.at>
Date: Wed, 9 Oct 2019 15:57:20 +0200
Subject: [PATCH] openolat#122: set authenticated only after the disclaimer is
 accepted

---
 src/main/java/org/olat/shibboleth/ShibbolethDispatcher.java | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/main/java/org/olat/shibboleth/ShibbolethDispatcher.java b/src/main/java/org/olat/shibboleth/ShibbolethDispatcher.java
index e1d2b29f7f7..b9a3c77391d 100644
--- a/src/main/java/org/olat/shibboleth/ShibbolethDispatcher.java
+++ b/src/main/java/org/olat/shibboleth/ShibbolethDispatcher.java
@@ -175,6 +175,7 @@ public class ShibbolethDispatcher implements Dispatcher{
 			ThreadLocalUserActivityLoggerInstaller.initUserActivityLogger(req);
 		}
 		int loginStatus = AuthHelper.doLogin(auth.getIdentity(), ShibbolethDispatcher.PROVIDER_SHIB, ureq);
+		ureq.getUserSession().setAuthenticated(false);
 		if (loginStatus != AuthHelper.LOGIN_OK) {
 			if (loginStatus == AuthHelper.LOGIN_NOTAVAILABLE) {
 				DispatcherModule.redirectToServiceNotAvailable(resp);
@@ -192,6 +193,7 @@ public class ShibbolethDispatcher implements Dispatcher{
 			if (CoreSpringFactory.getImpl(RegistrationManager.class).needsToConfirmDisclaimer(authenticationedIdentity)) {
 				disclaimer(resp);
 			} else {
+				ureq.getUserSession().setAuthenticated(true);
 				MediaResource mr = ureq.getDispatchResult().getResultingMediaResource();
 				if (mr instanceof RedirectMediaResource) {
 					RedirectMediaResource rmr = (RedirectMediaResource)mr;
-- 
GitLab