OFBiz › OFBiz - Commits

svn commit: r1851157 - in /ofbiz/ofbiz-framework/trunk/applications: marketing/webapp/marketing/WEB-INF/web.xml party/webapp/partymgr/WEB-INF/web.xml

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

1 message

jleroux@apache.org

svn commit: r1851157 - in /ofbiz/ofbiz-framework/trunk/applications: marketing/webapp/marketing/WEB-INF/web.xml party/webapp/partymgr/WEB-INF/web.xml

Author: jleroux
Date: Sat Jan 12 10:01:04 2019
New Revision: 1851157

URL: http://svn.apache.org/viewvc?rev=1851157&view=rev
Log:
Fixed: Add session tracking mode and make cookie secure
(OFBIZ-6655)

Following "Session timeout for webapps" discussion on dev ML
https://markmail.org/message/p6fbiojjrwb2ybxd

We decided to put back the session-timeout value in web.xml files and to remove
the line
session.setMaxInactiveInterval(60*60); //in seconds
from ControlEventListener.java

Double checking Deepak found I missed 2 cases, here they are

I then checked using this regexp: ^(?!.[\s\S]*minutes).[\s\S]*servlet.*$
That there is not other cases. The regexp comes from
https://stackoverflow.com/questions/15209711/regex-to-find-files-containing-one-word-but-not-another
I did not want to pass 1 hour to create it ;)

Thanks: Deepak Nigam

Modified:
ofbiz/ofbiz-framework/trunk/applications/marketing/webapp/marketing/WEB-INF/web.xml
ofbiz/ofbiz-framework/trunk/applications/party/webapp/partymgr/WEB-INF/web.xml

Modified: ofbiz/ofbiz-framework/trunk/applications/marketing/webapp/marketing/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/applications/marketing/webapp/marketing/WEB-INF/web.xml?rev=1851157&r1=1851156&r2=1851157&view=diff
==============================================================================
--- ofbiz/ofbiz-framework/trunk/applications/marketing/webapp/marketing/WEB-INF/web.xml (original)
+++ ofbiz/ofbiz-framework/trunk/applications/marketing/webapp/marketing/WEB-INF/web.xml Sat Jan 12 10:01:04 2019
@@ -83,6 +83,10 @@ under the License.
<url-pattern>/control/*</url-pattern>
</servlet-mapping>

+ <session-config>
+ <session-timeout>60</session-timeout>
+ </session-config>
+
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>

Modified: ofbiz/ofbiz-framework/trunk/applications/party/webapp/partymgr/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/applications/party/webapp/partymgr/WEB-INF/web.xml?rev=1851157&r1=1851156&r2=1851157&view=diff
==============================================================================
--- ofbiz/ofbiz-framework/trunk/applications/party/webapp/partymgr/WEB-INF/web.xml (original)
+++ ofbiz/ofbiz-framework/trunk/applications/party/webapp/partymgr/WEB-INF/web.xml Sat Jan 12 10:01:04 2019
@@ -83,6 +83,10 @@ under the License.
<url-pattern>/control/*</url-pattern>
</servlet-mapping>

+ <session-config>
+ <session-timeout>60</session-timeout>
+ </session-config>
+
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>