You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by mg...@apache.org on 2015/03/27 21:21:20 UTC
wicket git commit: WICKET-5855 RememberMe functionality seems to be
broken after the change of the default crypt factory
Repository: wicket
Updated Branches:
refs/heads/WICKET-5855-fix-rememberMe [created] 904965a49
WICKET-5855 RememberMe functionality seems to be broken after the change of the default crypt factory
Project: http://git-wip-us.apache.org/repos/asf/wicket/repo
Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/904965a4
Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/904965a4
Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/904965a4
Branch: refs/heads/WICKET-5855-fix-rememberMe
Commit: 904965a491ab64e01cb9034088798c06fb3018f8
Parents: ba4c411
Author: Martin Tzvetanov Grigorov <mg...@apache.org>
Authored: Fri Mar 27 22:20:44 2015 +0200
Committer: Martin Tzvetanov Grigorov <mg...@apache.org>
Committed: Fri Mar 27 22:20:44 2015 +0200
----------------------------------------------------------------------
.../strategy/DefaultAuthenticationStrategy.java | 26 +++++++++++---------
1 file changed, 14 insertions(+), 12 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/wicket/blob/904965a4/wicket-core/src/main/java/org/apache/wicket/authentication/strategy/DefaultAuthenticationStrategy.java
----------------------------------------------------------------------
diff --git a/wicket-core/src/main/java/org/apache/wicket/authentication/strategy/DefaultAuthenticationStrategy.java b/wicket-core/src/main/java/org/apache/wicket/authentication/strategy/DefaultAuthenticationStrategy.java
index 59bb484..d30e997 100644
--- a/wicket-core/src/main/java/org/apache/wicket/authentication/strategy/DefaultAuthenticationStrategy.java
+++ b/wicket-core/src/main/java/org/apache/wicket/authentication/strategy/DefaultAuthenticationStrategy.java
@@ -18,7 +18,9 @@ package org.apache.wicket.authentication.strategy;
import org.apache.wicket.Application;
import org.apache.wicket.authentication.IAuthenticationStrategy;
+import org.apache.wicket.util.cookies.CookieDefaults;
import org.apache.wicket.util.cookies.CookieUtils;
+import org.apache.wicket.util.crypt.CachingSunJceCryptFactory;
import org.apache.wicket.util.crypt.ICrypt;
import org.apache.wicket.util.lang.Args;
import org.apache.wicket.util.string.Strings;
@@ -68,7 +70,9 @@ public class DefaultAuthenticationStrategy implements IAuthenticationStrategy
{
if (cookieUtils == null)
{
- cookieUtils = new CookieUtils();
+ CookieDefaults settings = new CookieDefaults();
+ settings.setHttpOnly(true);
+ cookieUtils = new CookieUtils(settings);
}
return cookieUtils;
}
@@ -80,14 +84,19 @@ public class DefaultAuthenticationStrategy implements IAuthenticationStrategy
{
if (crypt == null)
{
- crypt = Application.get().getSecuritySettings().getCryptFactory().newCrypt();
+ String encryptionKey;
+ if (Application.exists())
+ {
+ encryptionKey = Application.get().getName();
+ } else {
+ encryptionKey = "LoggedIn";
+ }
+ CachingSunJceCryptFactory cryptFactory = new CachingSunJceCryptFactory(encryptionKey);
+ crypt = cryptFactory.newCrypt();
}
return crypt;
}
- /**
- * @see org.apache.wicket.authentication.IAuthenticationStrategy#load()
- */
@Override
public String[] load()
{
@@ -139,10 +148,6 @@ public class DefaultAuthenticationStrategy implements IAuthenticationStrategy
return null;
}
- /**
- * @see org.apache.wicket.authentication.IAuthenticationStrategy#save(java.lang.String,
- * java.lang.String...)
- */
@Override
public void save(final String credential, final String... extraCredentials)
{
@@ -171,9 +176,6 @@ public class DefaultAuthenticationStrategy implements IAuthenticationStrategy
return value.toString();
}
- /**
- * @see org.apache.wicket.authentication.IAuthenticationStrategy#remove()
- */
@Override
public void remove()
{