I am using a servlet protected with Picketlink 2.6.1 Service Provider (Redirect) to authenticate with an OpenAM Idp. After authentication, the service servlet is called twice, once in a isCommitted state and once not in a isCommitted state. I would expect the servlet to be called only once after authentication is complete and not in the isCommitted state. Do I need to make provision in my servlet to handle this situation or is this a bug? I have attached a sample servlet. I am using a tomcat 7 container with the picketlink-tomcat7 binding.
Servlet Code:
// doGet get called twice when SAML authentication occurs
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
System.out.println("In my servlet");
response.setContentType("text/html");
if (!response.isCommitted()) {
response.sendRedirect("http://www.yahoo.com");
} else {
System.out.println("How did we get here?");
}
}