You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by do...@apache.org on 2013/06/28 21:08:25 UTC
svn commit: r1497891 - in /ofbiz/trunk/framework:
security/config/security.properties
webapp/src/org/ofbiz/webapp/control/LoginWorker.java
Author: doogie
Date: Fri Jun 28 19:08:24 2013
New Revision: 1497891
URL: http://svn.apache.org/r1497891
Log:
FEATURE: Allow for externalLoginKey parameter generation to be turned
off; the use for this feature will become apparent shortly.
Modified:
ofbiz/trunk/framework/security/config/security.properties
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
Modified: ofbiz/trunk/framework/security/config/security.properties
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/security/config/security.properties?rev=1497891&r1=1497890&r2=1497891&view=diff
==============================================================================
--- ofbiz/trunk/framework/security/config/security.properties (original)
+++ ofbiz/trunk/framework/security/config/security.properties Fri Jun 28 19:08:24 2013
@@ -124,3 +124,6 @@ protect-view.preprocessor=java.org.ofbiz
# -- Name of the default error response view for protected views ("none:" will be rendered as a blank page, see RequestHandler.java)
#default.error.response.view=none:
default.error.response.view=view:viewBlocked
+
+# If false, then no externalLoginKey parameters will be added to cross-webapp urls
+security.login.externalLoginKey.enabled=true
Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java?rev=1497891&r1=1497890&r2=1497891&view=diff
==============================================================================
--- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java (original)
+++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java Fri Jun 28 19:08:24 2013
@@ -121,6 +121,10 @@ public class LoginWorker {
* Gets (and creates if necessary) a key to be used for an external login parameter
*/
public static String getExternalLoginKey(HttpServletRequest request) {
+ boolean externalLoginKeyEnabled = "true".equals(UtilProperties.getPropertyValue("security", "security.login.externalLoginKey.enabled", "true"));
+ if (!externalLoginKeyEnabled) {
+ return null;
+ }
//Debug.logInfo("Running getExternalLoginKey, externalLoginKeys.size=" + externalLoginKeys.size(), module);
GenericValue userLogin = (GenericValue) request.getAttribute("userLogin");