svn commit: r703784 - in /ofbiz/trunk/framework: base/config/ofbiz-containers.xml catalina/src/org/ofbiz/catalina/container/CatalinaContainer.java catalina/src/org/ofbiz/catalina/container/CrossSubdomainSessionValve.java

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

svn commit: r703784 - in /ofbiz/trunk/framework: base/config/ofbiz-containers.xml catalina/src/org/ofbiz/catalina/container/CatalinaContainer.java catalina/src/org/ofbiz/catalina/container/CrossSubdomainSessionValve.java

lektran
Author: lektran
Date: Sun Oct 12 03:56:41 2008
New Revision: 703784

URL: http://svn.apache.org/viewvc?rev=703784&view=rev
Log:
Fix for problem that the new cross domain session cookie valve was having with localhost domains.

Thanks to Mridul Pathak for the patch and Andrew Zeneski for his advice

Modified:
    ofbiz/trunk/framework/base/config/ofbiz-containers.xml
    ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CatalinaContainer.java
    ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CrossSubdomainSessionValve.java

Modified: ofbiz/trunk/framework/base/config/ofbiz-containers.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/config/ofbiz-containers.xml?rev=703784&r1=703783&r2=703784&view=diff
==============================================================================
--- ofbiz/trunk/framework/base/config/ofbiz-containers.xml (original)
+++ ofbiz/trunk/framework/base/config/ofbiz-containers.xml Sun Oct 12 03:56:41 2008
@@ -128,7 +128,7 @@
             </property>
             -->
             <!-- <property name="ssl-accelerator-port" value="8443"/> -->
-            <property name="enable-session-valve" value="false"/>
+            <property name="enable-cross-subdomain-sessions" value="true"/>
         </property>
         <!-- all connectors support type, host, port, enable-lookups -->
         <property name="ajp-connector" value="connector">

Modified: ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CatalinaContainer.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CatalinaContainer.java?rev=703784&r1=703783&r2=703784&view=diff
==============================================================================
--- ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CatalinaContainer.java (original)
+++ ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CatalinaContainer.java Sun Oct 12 03:56:41 2008
@@ -296,7 +296,7 @@
         }
 
         // configure the CrossSubdomainSessionValve
-        boolean enableSessionValve = ContainerConfig.getPropertyValue(engineConfig, "enable-session-valve", false);
+        boolean enableSessionValve = ContainerConfig.getPropertyValue(engineConfig, "enable-cross-subdomain-sessions", false);
         if (enableSessionValve) {
             CrossSubdomainSessionValve sessionValve = new CrossSubdomainSessionValve();
             engine.addValve(sessionValve);

Modified: ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CrossSubdomainSessionValve.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CrossSubdomainSessionValve.java?rev=703784&r1=703783&r2=703784&view=diff
==============================================================================
--- ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CrossSubdomainSessionValve.java (original)
+++ ofbiz/trunk/framework/catalina/src/org/ofbiz/catalina/container/CrossSubdomainSessionValve.java Sun Oct 12 03:56:41 2008
@@ -44,56 +44,53 @@
     }
 
     protected void replaceCookie(Request request, Response response, Cookie cookie) {
-
-        // copy the existing session cookie, but use a different domain
-        Cookie newCookie = new Cookie(cookie.getName(), cookie.getValue());
-        if (cookie.getPath() != null) {
-            newCookie.setPath(cookie.getPath());
-        }
-
+        
+        // copy the existing session cookie, but use a different domain (only if domain is valid)
         String cookieDomain = null;
         cookieDomain = UtilProperties.getPropertyValue("url", "cookie.domain", "");
 
         if (UtilValidate.isEmpty(cookieDomain)) {
-            cookieDomain = getCookieDomain(request);
+            String serverName = request.getServerName();
+            String[] domainArray = serverName.split("\\.");
+            if (domainArray.length > 2) {
+                cookieDomain = "." + domainArray[domainArray.length - 2] + "." + domainArray[domainArray.length - 1];
+            }
         }
+        
 
-        newCookie.setDomain(cookieDomain);
-        newCookie.setMaxAge(cookie.getMaxAge());
-        newCookie.setVersion(cookie.getVersion());
-        if (cookie.getComment() != null) {
-            newCookie.setComment(cookie.getComment());
-        }
-        newCookie.setSecure(cookie.getSecure());
+        if (UtilValidate.isNotEmpty(cookieDomain)) {
+            Cookie newCookie = new Cookie(cookie.getName(), cookie.getValue());
+            if (cookie.getPath() != null) {
+                newCookie.setPath(cookie.getPath());
+            }
+            newCookie.setDomain(cookieDomain);
+            newCookie.setMaxAge(cookie.getMaxAge());
+            newCookie.setVersion(cookie.getVersion());
+            if (cookie.getComment() != null) {
+                newCookie.setComment(cookie.getComment());
+            }
+            newCookie.setSecure(cookie.getSecure());
 
-        // if the response has already been committed, our replacement strategy will have no effect
-        if (response.isCommitted()) {
-            Debug.logError("CrossSubdomainSessionValve: response was already committed!", module);
-        }
+            // if the response has already been committed, our replacement strategy will have no effect
+            if (response.isCommitted()) {
+                Debug.logError("CrossSubdomainSessionValve: response was already committed!", module);
+            }
 
-        // find the Set-Cookie header for the existing cookie and replace its value with new cookie
-        MimeHeaders mimeHeaders = response.getCoyoteResponse().getMimeHeaders();
-        for (int i = 0, size = mimeHeaders.size(); i < size; i++) {
-            if (mimeHeaders.getName(i).equals("Set-Cookie")) {
-                MessageBytes value = mimeHeaders.getValue(i);
-                if (value.indexOf(cookie.getName()) >= 0) {
-                    StringBuffer buffer = new StringBuffer();
-                    ServerCookie.appendCookieValue(buffer, newCookie.getVersion(), newCookie.getName(), newCookie.getValue(), newCookie.getPath(),
-                            newCookie.getDomain(), newCookie.getComment(), newCookie.getMaxAge(), newCookie.getSecure());
-                    Debug.logVerbose("CrossSubdomainSessionValve: old Set-Cookie value: " + value.toString(), module);
-                    Debug.logVerbose("CrossSubdomainSessionValve: new Set-Cookie value: " + buffer, module);
-                    value.setString(buffer.toString());
+            // find the Set-Cookie header for the existing cookie and replace its value with new cookie
+            MimeHeaders mimeHeaders = response.getCoyoteResponse().getMimeHeaders();
+            for (int i = 0, size = mimeHeaders.size(); i < size; i++) {
+                if (mimeHeaders.getName(i).equals("Set-Cookie")) {
+                    MessageBytes value = mimeHeaders.getValue(i);
+                    if (value.indexOf(cookie.getName()) >= 0) {
+                        StringBuffer buffer = new StringBuffer();
+                        ServerCookie.appendCookieValue(buffer, newCookie.getVersion(), newCookie.getName(), newCookie.getValue(), newCookie.getPath(),
+                                newCookie.getDomain(), newCookie.getComment(), newCookie.getMaxAge(), newCookie.getSecure());
+                        Debug.logVerbose("CrossSubdomainSessionValve: old Set-Cookie value: " + value.toString(), module);
+                        Debug.logVerbose("CrossSubdomainSessionValve: new Set-Cookie value: " + buffer, module);
+                        value.setString(buffer.toString());
+                    }
                 }
             }
         }
     }
-
-    protected String getCookieDomain(Request request) {
-        String cookieDomain = request.getServerName();
-        String[] domainArray = cookieDomain.split("\\.");
-        if (domainArray.length >= 2) {
-            cookieDomain = domainArray[domainArray.length - 2] + "." + domainArray[domainArray.length - 1];
-        }
-        return "." + cookieDomain;
-    }
 }
\ No newline at end of file