Skip to content

Commit 6f20dfc

Browse files
committed
Optionally force user logout after account creation
1 parent 74cd802 commit 6f20dfc

File tree

4 files changed

+29
-0
lines changed

4 files changed

+29
-0
lines changed

server/src/main/java/password/pwm/config/PwmSetting.java

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -815,6 +815,8 @@ public enum PwmSetting
815815
"newUser.writeAttributes", PwmSettingSyntax.ACTION, PwmSettingCategory.NEWUSER_PROFILE ),
816816
NEWUSER_DELETE_ON_FAIL(
817817
"newUser.deleteOnFail", PwmSettingSyntax.BOOLEAN, PwmSettingCategory.NEWUSER_PROFILE ),
818+
NEWUSER_LOGOUT_AFTER_CREATION(
819+
"newUser.logoutAfterCreation", PwmSettingSyntax.BOOLEAN, PwmSettingCategory.NEWUSER_PROFILE ),
818820
NEWUSER_USERNAME_DEFINITION(
819821
"newUser.username.definition", PwmSettingSyntax.STRING_ARRAY, PwmSettingCategory.NEWUSER_PROFILE ),
820822
NEWUSER_EMAIL_VERIFICATION(

server/src/main/java/password/pwm/http/servlet/newuser/NewUserServlet.java

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,7 @@
4444
import password.pwm.http.PwmSession;
4545
import password.pwm.http.PwmURL;
4646
import password.pwm.http.bean.NewUserBean;
47+
import password.pwm.http.filter.AuthenticationFilter;
4748
import password.pwm.http.servlet.AbstractPwmServlet;
4849
import password.pwm.http.servlet.ControlledPwmServlet;
4950
import password.pwm.http.servlet.PwmServletDefinition;
@@ -693,6 +694,25 @@ private ProcessStatus handleComplete(
693694
// -- process complete -- \\
694695
pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, NewUserBean.class );
695696

697+
if ( pwmRequest.isAuthenticated() )
698+
{
699+
final PwmSession pwmSession = pwmRequest.getPwmSession();
700+
701+
if ( AuthenticationFilter.forceRequiredRedirects( pwmRequest ) == ProcessStatus.Halt )
702+
{
703+
return ProcessStatus.Halt;
704+
}
705+
706+
// log the user out if the current profiles states so
707+
final boolean forceLogoutOnChange = newUserProfile.readSettingAsBoolean( PwmSetting.NEWUSER_LOGOUT_AFTER_CREATION );
708+
if ( forceLogoutOnChange )
709+
{
710+
LOGGER.trace( pwmSession, "logging out user; account created" );
711+
pwmRequest.sendRedirect( PwmServletDefinition.Logout );
712+
return ProcessStatus.Halt;
713+
}
714+
}
715+
696716
final String configuredRedirectUrl = newUserProfile.readSettingAsString( PwmSetting.NEWUSER_REDIRECT_URL );
697717
if ( !StringUtil.isEmpty( configuredRedirectUrl ) && StringUtil.isEmpty( pwmRequest.getPwmSession().getSessionStateBean().getForwardURL() ) )
698718
{

server/src/main/resources/password/pwm/config/PwmSetting.xml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2722,6 +2722,11 @@
27222722
<value>true</value>
27232723
</default>
27242724
</setting>
2725+
<setting hidden="false" key="newUser.logoutAfterCreation" level="2">
2726+
<default>
2727+
<value>false</value>
2728+
</default>
2729+
</setting>
27252730
<setting hidden="false" key="newUser.username.definition" level="1">
27262731
<default>
27272732
<value><![CDATA[@RandomChar:16:ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789@]]></value>

server/src/main/resources/password/pwm/i18n/PwmSetting.properties

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -481,6 +481,7 @@ Setting_Description_newUser.deleteOnFail=Enable this option to have @PwmAppName@
481481
Setting_Description_newUser.email.verification=Enable this option to have @PwmAppName@ send an email to the new user's email address before it creates the account. The new user must verify receipt of the email before @PwmAppName@ creates the account. All of your email settings must also be filled out before this will work. Testing the email settings should take place to verify that this email will be sent.
482482
Setting_Description_newUser.enable=Enable this option to allow @PwmAppName@ to display the new user registration.
483483
Setting_Description_newUser.form=Specify the New User form creation attributes and fields. This is used to determine what information will need to be filled in before submitting the new user form to create the new user.
484+
Setting_Description_newUser.logoutAfterCreation=Enable this option to force the new user to log out (and send him to the logoutURL) after the account has been created.<br/><br/>Leave this option disabled (default) to make @PwmAppName@ automatically login the new user.
484485
Setting_Description_newUser.minimumWaitTime=Specify a delay time during a new user creation. @PwmAppName@ delays the creation of the user for at least this amount of time before forwarding the user to the next activity. <br/><br/>Specify the value in seconds.
485486
Setting_Description_newUser.passwordPolicy.user=Specify the user @PwmAppName@ uses as a template for the new user password policy. If the value is <i>TESTUSER</i>, @PwmAppName@ uses the configured test user's password policy. The <i>TESTUSER</i> was entered at installation time.
486487
Setting_Description_newUser.profile.displayName=Specify the publicly viewable display name of this profile. This value will only be seen if the profile was enabled to be shown publicly.
@@ -977,6 +978,7 @@ Setting_Label_newUser.deleteOnFail=Delete On Creation Failure
977978
Setting_Label_newUser.email.verification=Enable New User Email Verification
978979
Setting_Label_newUser.enable=Enable New User Registration
979980
Setting_Label_newUser.form=New User Form
981+
Setting_Label_newUser.logoutAfterCreation=Logout After Creation
980982
Setting_Label_newUser.minimumWaitTime=New User Minimum Wait Time
981983
Setting_Label_newUser.passwordPolicy.user=Password Policy Template
982984
Setting_Label_newUser.profile.displayName=Profile Display Name

0 commit comments

Comments
 (0)