You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by bh...@apache.org on 2015/03/13 10:33:52 UTC
[9/9] git commit: updated refs/heads/master to 6c71d3b

ui: if session cookie exists, use it to set global session holder and invalidate it

The 19e3c0168e744a76b5e1dc24a5eafa776d342404 commit breaks SAML login and any
login where redirection is used.

Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
(cherry picked from commit b79f13ccb54c6afc48c42bc94c61621dc6cac32d)
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/6c71d3ba
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/6c71d3ba
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/6c71d3ba

Branch: refs/heads/master
Commit: 6c71d3bae1a3a72a9fa4004decdba4a7174f6913
Parents: 2f1863c
Author: Rohit Yadav <ro...@shapeblue.com>
Authored: Fri Mar 13 15:01:11 2015 +0530
Committer: Rohit Yadav <ro...@shapeblue.com>
Committed: Fri Mar 13 15:02:27 2015 +0530

----------------------------------------------------------------------
 .../api/command/SAML2LoginAPIAuthenticatorCmd.java    |  2 +-
 ui/scripts/cloudStack.js                              | 14 ++++++++++++--
 2 files changed, 13 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c71d3ba/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
index 3b6b7d3..de6031c 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
@@ -285,7 +285,7 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthent
                             resp.addCookie(new Cookie("domainid", URLEncoder.encode(loginResponse.getDomainId(), HttpUtils.UTF_8)));
                             resp.addCookie(new Cookie("role", URLEncoder.encode(loginResponse.getType(), HttpUtils.UTF_8)));
                             resp.addCookie(new Cookie("username", URLEncoder.encode(loginResponse.getUsername(), HttpUtils.UTF_8)));
-                            resp.addCookie(new Cookie("sessionKey", URLEncoder.encode(loginResponse.getSessionKey(), HttpUtils.UTF_8)));
+                            resp.addCookie(new Cookie("sessionkey", URLEncoder.encode(loginResponse.getSessionKey(), HttpUtils.UTF_8)));
                             resp.addCookie(new Cookie("account", URLEncoder.encode(loginResponse.getAccount(), HttpUtils.UTF_8)));
                             resp.addCookie(new Cookie("timezone", URLEncoder.encode(loginResponse.getTimeZone(), HttpUtils.UTF_8)));
                             resp.addCookie(new Cookie("userfullname", URLEncoder.encode(loginResponse.getFirstName() + " " + loginResponse.getLastName(), HttpUtils.UTF_8).replace("+", "%20")));

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c71d3ba/ui/scripts/cloudStack.js
----------------------------------------------------------------------
diff --git a/ui/scripts/cloudStack.js b/ui/scripts/cloudStack.js
index 2adb89c..55200b6 100644
--- a/ui/scripts/cloudStack.js
+++ b/ui/scripts/cloudStack.js
@@ -117,14 +117,22 @@
                         }
                         return cookieValue;
                     };
-                    g_sessionKey = unBoxCookieValue('JSESSIONID');
+                    unBoxCookieValue('sessionkey');
+                    // if sessionkey cookie exists use this to set g_sessionKey
+                    // and destroy sessionkey cookie
+                    if ($.cookie('sessionkey')) {
+                        g_sessionKey = $.cookie('sessionkey');
+                        $.cookie('sessionkey', null);
+                    } else {
+                        g_sessionKey = unBoxCookieValue('JSESSIONID');
+                    }
                     g_role = unBoxCookieValue('role');
                     g_userid = unBoxCookieValue('userid');
                     g_domainid = unBoxCookieValue('domainid');
                     g_account = unBoxCookieValue('account');
                     g_username = unBoxCookieValue('username');
                     g_userfullname = unBoxCookieValue('userfullname');
-                    g_timezone = unBoxCookieValue('timezone');                    
+                    g_timezone = unBoxCookieValue('timezone');
                 } else { //single-sign-on	(bypass login screen)
                     g_sessionKey = encodeURIComponent(g_loginResponse.sessionkey);
                     g_role = g_loginResponse.type;
@@ -322,6 +330,7 @@
                         g_loginCmdText = null;
                         
                         $.cookie('JSESSIONID', null);
+                        $.cookie('sessionkey', null);
                         $.cookie('username', null);
                         $.cookie('account', null);
                         $.cookie('domainid', null);
@@ -345,6 +354,7 @@
 
             samlLoginAction: function(args) {
                 $.cookie('JSESSIONID', null);
+                $.cookie('sessionkey', null);
                 $.cookie('username', null);
                 $.cookie('account', null);
                 $.cookie('domainid', null);