Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-23 20:42:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-206: Include context root when generating cookies.

Browse Source
This commit is contained in:
Ben Alex 2006-04-26 03:35:33 +00:00
parent 5d9ed78b50
commit 6bae43d380
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
core/src/main/java/org/acegisecurity/ui/rememberme/TokenBasedRememberMeServices.java
View File

@ -262,7 +262,7 @@ public class TokenBasedRememberMeServices implements RememberMeServices,
logger.debug("Cancelling cookie for reason: " + reasonForLog); logger.debug("Cancelling cookie for reason: " + reasonForLog);
} }
response.addCookie(makeCancelCookie()); response.addCookie(makeCancelCookie(request));
} }
public String getKey() { public String getKey() {
@ -330,7 +330,7 @@ public class TokenBasedRememberMeServices implements RememberMeServices,
String tokenValue = username + ":" + expiryTime + ":" + signatureValue; String tokenValue = username + ":" + expiryTime + ":" + signatureValue;
String tokenValueBase64 = new String(Base64.encodeBase64( String tokenValueBase64 = new String(Base64.encodeBase64(
tokenValue.getBytes())); tokenValue.getBytes()));
response.addCookie(makeValidCookie(expiryTime, tokenValueBase64)); response.addCookie(makeValidCookie(expiryTime, tokenValueBase64, request));
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug("Added remember-me cookie for user '" + username logger.debug("Added remember-me cookie for user '" + username
@ -338,18 +338,20 @@ public class TokenBasedRememberMeServices implements RememberMeServices,
} }
} }
protected Cookie makeCancelCookie() { protected Cookie makeCancelCookie(HttpServletRequest request) {
Cookie cookie = new Cookie(ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, Cookie cookie = new Cookie(ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
null); null);
cookie.setMaxAge(0); cookie.setMaxAge(0);
cookie.setPath(request.getContextPath());
return cookie; return cookie;
} }
protected Cookie makeValidCookie(long expiryTime, String tokenValueBase64) { protected Cookie makeValidCookie(long expiryTime, String tokenValueBase64, HttpServletRequest request) {
Cookie cookie = new Cookie(ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY, Cookie cookie = new Cookie(ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
tokenValueBase64); tokenValueBase64);
cookie.setMaxAge(60 * 60 * 24 * 365 * 5); // 5 years cookie.setMaxAge(60 * 60 * 24 * 365 * 5); // 5 years
cookie.setPath(request.getContextPath());
return cookie; return cookie;
} }