From 3c51f8ccee8a1401c3946433b38c903cbc152c1f Mon Sep 17 00:00:00 2001
From: Robert von Burg <eitch@eitchnet.ch>
Date: Fri, 5 Jun 2020 15:44:22 +0200
Subject: [PATCH] [Minor] Don't allow certificate with keepAlive if not enabled
 globally

---
 .../li/strolch/privilege/handler/DefaultPrivilegeHandler.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java
index 0484f082e..21b2e8b5f 100644
--- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java
+++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java
@@ -1321,8 +1321,8 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
 		DBC.PRE.assertNotEmpty("source must not be empty!", source);
 		Set<String> userRoles = user.getRoles();
 		return new Certificate(usage, sessionId, user.getUsername(), user.getFirstname(), user.getLastname(),
-				user.getUserState(), authToken, source, loginTime, keepAlive, user.getLocale(), userRoles,
-				new HashMap<>(user.getProperties()));
+				user.getUserState(), authToken, source, loginTime, keepAlive && this.allowSessionRefresh,
+				user.getLocale(), userRoles, new HashMap<>(user.getProperties()));
 	}
 
 	private synchronized boolean persistSessions() {