cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bhais...@apache.org
Subject git commit: updated refs/heads/4.5 to 0f819f1
Date Sat, 28 Feb 2015 12:51:16 GMT
Repository: cloudstack
Updated Branches:
  refs/heads/4.5 b6b349478 -> 0f819f158


server: check and set sercure cookie flag only after login

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/0f819f15
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/0f819f15
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/0f819f15

Branch: refs/heads/4.5
Commit: 0f819f1583116d93ca3ebf460b69cd74144a25b2
Parents: b6b3494
Author: Rohit Yadav <rohit.yadav@shapeblue.com>
Authored: Sat Feb 28 18:20:56 2015 +0530
Committer: Rohit Yadav <rohit.yadav@shapeblue.com>
Committed: Sat Feb 28 18:20:56 2015 +0530

----------------------------------------------------------------------
 server/src/com/cloud/api/ApiServlet.java | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/0f819f15/server/src/com/cloud/api/ApiServlet.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/ApiServlet.java b/server/src/com/cloud/api/ApiServlet.java
index edfc246..7dada94 100644
--- a/server/src/com/cloud/api/ApiServlet.java
+++ b/server/src/com/cloud/api/ApiServlet.java
@@ -154,14 +154,6 @@ public class ApiServlet extends HttpServlet {
             }
 
             HttpSession session = req.getSession(false);
-            if (ApiServer.isSecureSessionCookieEnabled()) {
-                resp.setHeader("SET-COOKIE", "JSESSIONID=" + session.getId() + ";Secure;Path=/client");
-                if (s_logger.isDebugEnabled()) {
-                    if (s_logger.isDebugEnabled()) {
-                        s_logger.debug("Session cookie is marked secure!");
-                    }
-                }
-            }
             final Object[] responseTypeParam = params.get(ApiConstants.RESPONSE);
             if (responseTypeParam != null) {
                 responseType = (String)responseTypeParam[0];
@@ -187,6 +179,14 @@ public class ApiServlet extends HttpServlet {
                             }
                         }
                         session = req.getSession(true);
+                        if (ApiServer.isSecureSessionCookieEnabled()) {
+                            resp.setHeader("SET-COOKIE", "JSESSIONID=" + session.getId()
+ ";Secure;Path=/client");
+                            if (s_logger.isDebugEnabled()) {
+                                if (s_logger.isDebugEnabled()) {
+                                    s_logger.debug("Session cookie is marked secure!");
+                                }
+                            }
+                        }
                     }
 
                     try {


Mime
View raw message