OFBiz › OFBiz - Commits

[ofbiz-framework] branch trunk updated: Improved: Add security.internal.sso.enabled and security.token.key SystemProperties

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

1 message

jleroux@apache.org

[ofbiz-framework] branch trunk updated: Improved: Add security.internal.sso.enabled and security.token.key SystemProperties

This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git

The following commit(s) were added to refs/heads/trunk by this push:
new 01e98b5 Improved: Add security.internal.sso.enabled and security.token.key SystemProperties
01e98b5 is described below

commit 01e98b5b5f1d3dca8b0143052f46f9ef0bb93ddf
Author: Jacques Le Roux <[hidden email]>
AuthorDate: Mon Apr 13 17:25:25 2020 +0200

Improved: Add security.internal.sso.enabled and security.token.key
SystemProperties

(OFBIZ-11594)

Adds more latitude to set same site by using
EntityUtilProperties::getPropertyValueFromDelegatorName for retrieving the value
possibly from the DB as a SystemProperty.

OF course this would not work with tenants, but I doubt the "internal" SSO
feature will ever be use in a tenants context
---
.../main/java/org/apache/ofbiz/webapp/control/SameSiteFilter.java | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/SameSiteFilter.java b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/SameSiteFilter.java
index e064332..ffb3cf4 100644
--- a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/SameSiteFilter.java
+++ b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/SameSiteFilter.java
@@ -28,12 +28,12 @@ import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.core.HttpHeaders;

-import org.apache.ofbiz.base.util.UtilProperties;
+import org.apache.ofbiz.entity.util.EntityUtilProperties;

public class SameSiteFilter implements javax.servlet.Filter {

- private static final String SameSiteCookieAttribute = UtilProperties.getPropertyValue("security.properties", "SameSiteCookieAttribute", "strict");
+ private static final String SameSiteCookieAttribute = EntityUtilProperties.getPropertyValueFromDelegatorName("security.properties", "SameSiteCookieAttribute", "strict", "default");
@Override
public void init(FilterConfig filterConfig) throws ServletException {

@@ -62,4 +62,4 @@ public class SameSiteFilter implements javax.servlet.Filter {
public void destroy() {

}
-}
\ No newline at end of file
+}