[UNDERTOW-2409] Adjust properly session timeout also in case when GET…

… requests with custom auth mechanisms are used
undertow-io · Jun 18, 2024 · a02484b · a02484b
1 parent 04234f4
commit a02484b
Showing 1 changed file with 7 additions and 10 deletions.
diff --git a/...c/main/java/io/undertow/servlet/handlers/security/ServletFormAuthenticationMechanism.java b/...c/main/java/io/undertow/servlet/handlers/security/ServletFormAuthenticationMechanism.java
@@ -19,7 +19,6 @@
 package io.undertow.servlet.handlers.security;
 
 import static io.undertow.security.api.SecurityNotification.EventType.AUTHENTICATED;
-import static io.undertow.util.Methods.POST;
 import static io.undertow.util.StatusCodes.OK;
 
 import io.undertow.security.api.AuthenticationMechanism;
@@ -160,16 +159,14 @@ public ServletFormAuthenticationMechanism(FormParserFactory formParserFactory, S
 
     @Override
     public AuthenticationMechanismOutcome authenticate(final HttpServerExchange exchange, final SecurityContext securityContext) {
-        if (POST.equals(exchange.getRequestMethod())) {
-            securityContext.registerNotificationReceiver(new NotificationReceiver() {
-                @Override
-                public void handleNotification(final SecurityNotification notification) {
-                    if (notification.getEventType() == AUTHENTICATED) {
-                        getAndInitializeSession(exchange, false);
-                    }
+        securityContext.registerNotificationReceiver(new NotificationReceiver() {
+            @Override
+            public void handleNotification(final SecurityNotification notification) {
+                if (notification.getEventType() == AUTHENTICATED) {
+                    getAndInitializeSession(exchange, false);
                 }
-            });
-        }
+            }
+        });
         return super.authenticate(exchange, securityContext);
     }