Author: lektran
Date: Sun Oct 12 03:56:41 2008 New Revision: 703784 URL: http://svn.apache.org/viewvc?rev=703784&view=rev Log: Fix for problem that the new cross domain session cookie valve was having with localhost domains. Thanks to Mridul Pathak for the patch and Andrew Zeneski for his advice Modified: ofbiz/trunk/framework/base/config/ofbiz-containers.xml ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CatalinaContainer.java ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CrossSubdomainSessionValve.java Modified: ofbiz/trunk/framework/base/config/ofbiz-containers.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/config/ofbiz-containers.xml?rev=703784&r1=703783&r2=703784&view=diff ============================================================================== --- ofbiz/trunk/framework/base/config/ofbiz-containers.xml (original) +++ ofbiz/trunk/framework/base/config/ofbiz-containers.xml Sun Oct 12 03:56:41 2008 @@ -128,7 +128,7 @@ </property> --> <!-- <property name="ssl-accelerator-port" value="8443"/> --> - <property name="enable-session-valve" value="false"/> + <property name="enable-cross-subdomain-sessions" value="true"/> </property> <!-- all connectors support type, host, port, enable-lookups --> <property name="ajp-connector" value="connector"> Modified: ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CatalinaContainer.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CatalinaContainer.java?rev=703784&r1=703783&r2=703784&view=diff ============================================================================== --- ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CatalinaContainer.java (original) +++ ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CatalinaContainer.java Sun Oct 12 03:56:41 2008 @@ -296,7 +296,7 @@ } // configure the CrossSubdomainSessionValve - boolean enableSessionValve = ContainerConfig.getPropertyValue(engineConfig, "enable-session-valve", false); + boolean enableSessionValve = ContainerConfig.getPropertyValue(engineConfig, "enable-cross-subdomain-sessions", false); if (enableSessionValve) { CrossSubdomainSessionValve sessionValve = new CrossSubdomainSessionValve(); engine.addValve(sessionValve); Modified: ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CrossSubdomainSessionValve.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CrossSubdomainSessionValve.java?rev=703784&r1=703783&r2=703784&view=diff ============================================================================== --- ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CrossSubdomainSessionValve.java (original) +++ ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CrossSubdomainSessionValve.java Sun Oct 12 03:56:41 2008 @@ -44,56 +44,53 @@ } protected void replaceCookie(Request request, Response response, Cookie cookie) { - - // copy the existing session cookie, but use a different domain - Cookie newCookie = new Cookie(cookie.getName(), cookie.getValue()); - if (cookie.getPath() != null) { - newCookie.setPath(cookie.getPath()); - } - + + // copy the existing session cookie, but use a different domain (only if domain is valid) String cookieDomain = null; cookieDomain = UtilProperties.getPropertyValue("url", "cookie.domain", ""); if (UtilValidate.isEmpty(cookieDomain)) { - cookieDomain = getCookieDomain(request); + String serverName = request.getServerName(); + String[] domainArray = serverName.split("\\."); + if (domainArray.length > 2) { + cookieDomain = "." + domainArray[domainArray.length - 2] + "." + domainArray[domainArray.length - 1]; + } } + - newCookie.setDomain(cookieDomain); - newCookie.setMaxAge(cookie.getMaxAge()); - newCookie.setVersion(cookie.getVersion()); - if (cookie.getComment() != null) { - newCookie.setComment(cookie.getComment()); - } - newCookie.setSecure(cookie.getSecure()); + if (UtilValidate.isNotEmpty(cookieDomain)) { + Cookie newCookie = new Cookie(cookie.getName(), cookie.getValue()); + if (cookie.getPath() != null) { + newCookie.setPath(cookie.getPath()); + } + newCookie.setDomain(cookieDomain); + newCookie.setMaxAge(cookie.getMaxAge()); + newCookie.setVersion(cookie.getVersion()); + if (cookie.getComment() != null) { + newCookie.setComment(cookie.getComment()); + } + newCookie.setSecure(cookie.getSecure()); - // if the response has already been committed, our replacement strategy will have no effect - if (response.isCommitted()) { - Debug.logError("CrossSubdomainSessionValve: response was already committed!", module); - } + // if the response has already been committed, our replacement strategy will have no effect + if (response.isCommitted()) { + Debug.logError("CrossSubdomainSessionValve: response was already committed!", module); + } - // find the Set-Cookie header for the existing cookie and replace its value with new cookie - MimeHeaders mimeHeaders = response.getCoyoteResponse().getMimeHeaders(); - for (int i = 0, size = mimeHeaders.size(); i < size; i++) { - if (mimeHeaders.getName(i).equals("Set-Cookie")) { - MessageBytes value = mimeHeaders.getValue(i); - if (value.indexOf(cookie.getName()) >= 0) { - StringBuffer buffer = new StringBuffer(); - ServerCookie.appendCookieValue(buffer, newCookie.getVersion(), newCookie.getName(), newCookie.getValue(), newCookie.getPath(), - newCookie.getDomain(), newCookie.getComment(), newCookie.getMaxAge(), newCookie.getSecure()); - Debug.logVerbose("CrossSubdomainSessionValve: old Set-Cookie value: " + value.toString(), module); - Debug.logVerbose("CrossSubdomainSessionValve: new Set-Cookie value: " + buffer, module); - value.setString(buffer.toString()); + // find the Set-Cookie header for the existing cookie and replace its value with new cookie + MimeHeaders mimeHeaders = response.getCoyoteResponse().getMimeHeaders(); + for (int i = 0, size = mimeHeaders.size(); i < size; i++) { + if (mimeHeaders.getName(i).equals("Set-Cookie")) { + MessageBytes value = mimeHeaders.getValue(i); + if (value.indexOf(cookie.getName()) >= 0) { + StringBuffer buffer = new StringBuffer(); + ServerCookie.appendCookieValue(buffer, newCookie.getVersion(), newCookie.getName(), newCookie.getValue(), newCookie.getPath(), + newCookie.getDomain(), newCookie.getComment(), newCookie.getMaxAge(), newCookie.getSecure()); + Debug.logVerbose("CrossSubdomainSessionValve: old Set-Cookie value: " + value.toString(), module); + Debug.logVerbose("CrossSubdomainSessionValve: new Set-Cookie value: " + buffer, module); + value.setString(buffer.toString()); + } } } } } - - protected String getCookieDomain(Request request) { - String cookieDomain = request.getServerName(); - String[] domainArray = cookieDomain.split("\\."); - if (domainArray.length >= 2) { - cookieDomain = domainArray[domainArray.length - 2] + "." + domainArray[domainArray.length - 1]; - } - return "." + cookieDomain; - } } \ No newline at end of file |
Free forum by Nabble | Edit this page |