cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wid...@apache.org
Subject [34/50] [abbrv] git commit: updated refs/heads/reporter to 178a938
Date Wed, 04 Mar 2015 10:06:18 GMT
server: check and set sercure cookie flag only after login

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 0f819f1583116d93ca3ebf460b69cd74144a25b2)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/ed099c3f
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/ed099c3f
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/ed099c3f

Branch: refs/heads/reporter
Commit: ed099c3f964e4b18a3c431b59cdb63533ec91d81
Parents: 20bcb4b
Author: Rohit Yadav <rohit.yadav@shapeblue.com>
Authored: Sat Feb 28 18:20:56 2015 +0530
Committer: Rohit Yadav <rohit.yadav@shapeblue.com>
Committed: Sat Feb 28 18:23:05 2015 +0530

----------------------------------------------------------------------
 server/src/com/cloud/api/ApiServlet.java | 8 ++++++++
 1 file changed, 8 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ed099c3f/server/src/com/cloud/api/ApiServlet.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/ApiServlet.java b/server/src/com/cloud/api/ApiServlet.java
index 5628d98..1fd16ba 100644
--- a/server/src/com/cloud/api/ApiServlet.java
+++ b/server/src/com/cloud/api/ApiServlet.java
@@ -194,6 +194,14 @@ public class ApiServlet extends HttpServlet {
                             }
                         }
                         session = req.getSession(true);
+                        if (ApiServer.isSecureSessionCookieEnabled()) {
+                            resp.setHeader("SET-COOKIE", "JSESSIONID=" + session.getId()
+ ";Secure;Path=/client");
+                            if (s_logger.isDebugEnabled()) {
+                                if (s_logger.isDebugEnabled()) {
+                                    s_logger.debug("Session cookie is marked secure!");
+                                }
+                            }
+                        }
                     }
 
                     try {


Mime
View raw message