You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2012/05/17 23:48:10 UTC

svn commit: r1339873 - in /cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso: RequestAssertionConsumerService.java SamlPostBindingFilter.java SamlRedirectBindingFilter.java

Author: sergeyb
Date: Thu May 17 21:48:10 2012
New Revision: 1339873

URL: http://svn.apache.org/viewvc?rev=1339873&view=rev
Log:
Setting the cookie from the code as opposed from the jsp page

Modified:
    cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java
    cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlPostBindingFilter.java
    cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRedirectBindingFilter.java

Modified: cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java?rev=1339873&r1=1339872&r2=1339873&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java (original)
+++ cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java Thu May 17 21:48:10 2012
@@ -38,6 +38,7 @@ import javax.ws.rs.Produces;
 import javax.ws.rs.QueryParam;
 import javax.ws.rs.WebApplicationException;
 import javax.ws.rs.core.Context;
+import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 
@@ -167,7 +168,8 @@ public class RequestAssertionConsumerSer
                                             requestState.getWebAppDomain());
         
         // Finally, redirect to the service provider endpoint
-        return Response.seeOther(targetURI).header("Set-Cookie", contextCookie).build();
+        return Response.seeOther(targetURI).header(HttpHeaders.SET_COOKIE,
+                                                   contextCookie).build();
     }
     
     private RequestState processRelayState(String relayState) {

Modified: cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlPostBindingFilter.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlPostBindingFilter.java?rev=1339873&r1=1339872&r2=1339873&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlPostBindingFilter.java (original)
+++ cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlPostBindingFilter.java Thu May 17 21:48:10 2012
@@ -22,6 +22,7 @@ import javax.ws.rs.WebApplicationExcepti
 import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.Response;
 
+import org.apache.cxf.jaxrs.ext.MessageContextImpl;
 import org.apache.cxf.jaxrs.model.ClassResourceInfo;
 import org.apache.cxf.message.Message;
 
@@ -40,8 +41,12 @@ public class SamlPostBindingFilter exten
                 // in principle we could've built the XHTML form right here
                 // but it will be cleaner to get that done in JSP
                 
-                // Note the view handler will also need to set a RelayState 
-                // cookie
+                String contextCookie = createCookie(SSOConstants.RELAY_STATE,
+                                                    info.getRelayState(),
+                                                    info.getWebAppContext(),
+                                                    info.getWebAppDomain());
+                new MessageContextImpl(m).getHttpServletResponse().addHeader(
+                    HttpHeaders.SET_COOKIE, contextCookie);
                 
                 return Response.ok(info)
                                .type("text/html")

Modified: cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRedirectBindingFilter.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRedirectBindingFilter.java?rev=1339873&r1=1339872&r2=1339873&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRedirectBindingFilter.java (original)
+++ cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SamlRedirectBindingFilter.java Thu May 17 21:48:10 2012
@@ -63,7 +63,7 @@ public class SamlRedirectBindingFilter e
                 return Response.seeOther(ub.build())
                                .header(HttpHeaders.CACHE_CONTROL, "no-cache, no-store")
                                .header("Pragma", "no-cache") 
-                               .header("Set-Cookie", contextCookie)
+                               .header(HttpHeaders.SET_COOKIE, contextCookie)
                                .build();
             } catch (Exception ex) {
                 ex.printStackTrace();