Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 681320 Details for
Bug 899266
Port ASF 48379 to TC 6.0.24
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
2010-04-08-bug48379.patch
2010-04-08-bug48379.patch (text/plain), 12.35 KB, created by
Jean-Frederic Clere
on 2010-05-05 16:16:32 UTC
(
hide
)
Description:
2010-04-08-bug48379.patch
Filename:
MIME Type:
Creator:
Jean-Frederic Clere
Created:
2010-05-05 16:16:32 UTC
Size:
12.35 KB
patch
obsolete
>--- java/org/apache/catalina/Context.java (revision 931953) >+++ java/org/apache/catalina/Context.java (working copy) >@@ -181,7 +181,27 @@ > */ > public void setCookies(boolean cookies); > >+ > /** >+ * Gets the name to use for session cookies. Overrides any setting that >+ * may be specified by the application. >+ * >+ * @return The value of the default session cookie name or null if not >+ * specified >+ */ >+ public String getSessionCookieName(); >+ >+ >+ /** >+ * Sets the name to use for session cookies. Overrides any setting that >+ * may be specified by the application. >+ * >+ * @param sessionCookieName The name to use >+ */ >+ public void setSessionCookieName(String sessionCookieName); >+ >+ >+ /** > * Gets the value of the use HttpOnly cookies for session cookies flag. > * > * @return <code>true</code> if the HttpOnly flag should be set on session >@@ -198,12 +218,50 @@ > */ > public void setUseHttpOnly(boolean useHttpOnly); > >+ > /** >+ * Gets the domain to use for session cookies. Overrides any setting that >+ * may be specified by the application. >+ * >+ * @return The value of the default session cookie domain or null if not >+ * specified >+ */ >+ public String getSessionCookieDomain(); >+ >+ >+ /** >+ * Sets the domain to use for session cookies. Overrides any setting that >+ * may be specified by the application. >+ * >+ * @param sessionCookieDomain The domain to use >+ */ >+ public void setSessionCookieDomain(String sessionCookieDomain); >+ >+ >+ /** >+ * Gets the path to use for session cookies. Overrides any setting that >+ * may be specified by the application. >+ * >+ * @return The value of the default session cookie path or null if not >+ * specified >+ */ >+ public String getSessionCookiePath(); >+ >+ >+ /** >+ * Sets the path to use for session cookies. Overrides any setting that >+ * may be specified by the application. >+ * >+ * @param sessionCookiePath The path to use >+ */ >+ public void setSessionCookiePath(String sessionCookiePath); >+ >+ >+ /** > * Return the "allow crossing servlet contexts" flag. > */ > public boolean getCrossContext(); > >- > > /** > * Return the alternate Deployment Descriptor name. >--- java/org/apache/catalina/connector/CoyoteAdapter.java (revision 931953) >+++ java/org/apache/catalina/connector/CoyoteAdapter.java (working copy) >@@ -594,7 +594,7 @@ > > for (int i = 0; i < count; i++) { > ServerCookie scookie = serverCookies.getCookie(i); >- if (scookie.getName().equals(Globals.SESSION_COOKIE_NAME)) { >+ if (scookie.getName().equals(context.getSessionCookieName())) { > // Override anything requested in the URL > if (!request.isRequestedSessionIdFromCookie()) { > // Accept only the first session id cookie >--- java/org/apache/catalina/connector/Request.java (revision 931953) >+++ java/org/apache/catalina/connector/Request.java (working copy) >@@ -2252,22 +2252,11 @@ > return; > > if (response != null) { >- Cookie newCookie = new Cookie(Globals.SESSION_COOKIE_NAME, >+ Cookie newCookie = new Cookie(context.getSessionCookieName(), > newSessionId); >- newCookie.setMaxAge(-1); >- String contextPath = null; >- if (!response.getConnector().getEmptySessionPath() >- && (context != null)) { >- contextPath = context.getEncodedPath(); >- } >- if ((contextPath != null) && (contextPath.length() > 0)) { >- newCookie.setPath(contextPath); >- } else { >- newCookie.setPath("/"); >- } >- if (isSecure()) { >- newCookie.setSecure(true); >- } >+ >+ configureSessionCookie(newCookie); >+ > if (context == null) { > response.addCookieInternal(newCookie, false); > } else { >@@ -2395,7 +2384,7 @@ > // Creating a new session cookie based on that session > if ((session != null) && (getContext() != null) > && getContext().getCookies()) { >- Cookie cookie = new Cookie(Globals.SESSION_COOKIE_NAME, >+ Cookie cookie = new Cookie(context.getSessionCookieName(), > session.getIdInternal()); > configureSessionCookie(cookie); > response.addCookieInternal(cookie, context.getUseHttpOnly()); >@@ -2417,15 +2406,25 @@ > */ > protected void configureSessionCookie(Cookie cookie) { > cookie.setMaxAge(-1); >+ > String contextPath = null; > if (!connector.getEmptySessionPath() && (getContext() != null)) { >- contextPath = getContext().getEncodedPath(); >+ if (context.getSessionCookiePath() != null) { >+ contextPath = context.getSessionCookiePath(); >+ } else { >+ contextPath = getContext().getEncodedPath(); >+ } > } > if ((contextPath != null) && (contextPath.length() > 0)) { > cookie.setPath(contextPath); > } else { > cookie.setPath("/"); > } >+ >+ if (context.getSessionCookieDomain() != null) { >+ cookie.setDomain(context.getSessionCookieDomain()); >+ } >+ > if (isSecure()) { > cookie.setSecure(true); > } >--- java/org/apache/catalina/core/StandardContext.java (revision 931953) >+++ java/org/apache/catalina/core/StandardContext.java (working copy) >@@ -703,12 +703,35 @@ > */ > private boolean saveConfig = true; > >+ > /** > * The flag that indicates that session cookies should use HttpOnly > */ > private boolean useHttpOnly = false; > >+ > /** >+ * The domain to use for session cookies. <code>null</code> indicates that >+ * the domain is controlled by the application. >+ */ >+ private String sessionCookieDomain; >+ >+ >+ /** >+ * The path to use for session cookies. <code>null</code> indicates that >+ * the path is controlled by the application. >+ */ >+ private String sessionCookiePath; >+ >+ >+ /** >+ * The name to use for session cookies. <code>null</code> indicates that >+ * the name is controlled by the application. >+ */ >+ private String sessionCookieName; >+ >+ >+ /** > * Should Tomcat attempt to terminate threads that have been started by the > * web application? Stopping threads is performed via the deprecated (for > * good reason) <code>Thread.stop()</code> method and is likely to result in >@@ -1160,9 +1183,85 @@ > } > > >+ /** >+ * Gets the domain to use for session cookies. >+ * >+ * @return The value of the default session cookie domain or null if not >+ * specified >+ */ >+ public String getSessionCookieDomain() { >+ return sessionCookieDomain; >+ } >+ >+ >+ /** >+ * Sets the domain to use for session cookies. >+ * >+ * @param sessionCookieDomain The domain to use >+ */ >+ public void setSessionCookieDomain(String sessionCookieDomain) { >+ String oldSessionCookieDomain = this.sessionCookieDomain; >+ this.sessionCookieDomain = sessionCookieDomain; >+ support.firePropertyChange("sessionCookieDomain", >+ oldSessionCookieDomain, sessionCookieDomain); >+ } > > > /** >+ * Gets the path to use for session cookies. >+ * >+ * @return The value of the default session cookie path or null if not >+ * specified >+ */ >+ public String getSessionCookiePath() { >+ return sessionCookiePath; >+ } >+ >+ >+ /** >+ * Sets the path to use for session cookies. >+ * >+ * @param sessionCookiePath The path to use >+ */ >+ public void setSessionCookiePath(String sessionCookiePath) { >+ String oldSessionCookiePath = this.sessionCookiePath; >+ this.sessionCookiePath = sessionCookiePath; >+ support.firePropertyChange("sessionCookiePath", >+ oldSessionCookiePath, sessionCookiePath); >+ } >+ >+ >+ /** >+ * Gets the name to use for session cookies. >+ * >+ * @return The value of the default session cookie name or null if not >+ * specified >+ */ >+ public String getSessionCookieName() { >+ >+ if (sessionCookieName == null) { >+ return Globals.SESSION_COOKIE_NAME; >+ } >+ >+ return sessionCookieName; >+ } >+ >+ >+ /** >+ * Sets the name to use for session cookies. Overrides any setting that >+ * may be specified by the application. >+ * >+ * @param sessionCookieName The name to use >+ */ >+ public void setSessionCookieName(String sessionCookieName) { >+ String oldSessionCookieName = this.sessionCookieName; >+ this.sessionCookieName = sessionCookieName; >+ support.firePropertyChange("sessionCookieName", >+ oldSessionCookieName, sessionCookieName); >+ } >+ >+ >+ /** > * Return the "allow crossing servlet contexts" flag. > */ > public boolean getCrossContext() { >--- java/org/apache/catalina/ha/session/JvmRouteBinderValve.java (revision 931953) >+++ java/org/apache/catalina/ha/session/JvmRouteBinderValve.java (working copy) >@@ -455,22 +455,34 @@ > Context context = request.getContext(); > if (context.getCookies()) { > // set a new session cookie >- Cookie newCookie = new Cookie(Globals.SESSION_COOKIE_NAME, >+ Cookie newCookie = new Cookie(context.getSessionCookieName(), > sessionId); >+ > newCookie.setMaxAge(-1); >+ > String contextPath = null; >- if (!response.getConnector().getEmptySessionPath() >- && (context != null)) { >- contextPath = context.getEncodedPath(); >+ if (!response.getConnector().getEmptySessionPath() && >+ (context != null)) { >+ if (context.getSessionCookiePath() != null) { >+ contextPath = context.getSessionCookiePath(); >+ } else { >+ contextPath = context.getEncodedPath(); >+ } > } > if ((contextPath != null) && (contextPath.length() > 0)) { > newCookie.setPath(contextPath); > } else { > newCookie.setPath("/"); > } >+ >+ if ((context != null) && context.getSessionCookieDomain() != null) { >+ newCookie.setDomain(context.getSessionCookieDomain()); >+ } >+ > if (request.isSecure()) { > newCookie.setSecure(true); > } >+ > if (log.isDebugEnabled()) { > Object[] args = new Object[] {sessionId, > Globals.SESSION_COOKIE_NAME, >--- webapps/docs/config/context.xml (revision 931953) >+++ webapps/docs/config/context.xml (working copy) >@@ -227,6 +227,27 @@ > on demand.</p> > </attribute> > >+ <attribute name="sessionCookieDomain" required="false"> >+ <p>The domain to be used for all session cookies created for this >+ Context. If not set, no domain will be specified for session cookies. >+ </p> >+ </attribute> >+ >+ <attribute name="sessionCookieName" required="false"> >+ <p>The name to be used for all session cookies created for this >+ Context. If not set, the default of JSESSIONID will be used. Note that >+ this default will be overridden by the >+ <strong>org.apache.catalina.SESSION_COOKIE_NAME</strong> system >+ property.</p> >+ </attribute> >+ >+ <attribute name="sessionCookiePath" required="false"> >+ <p>The path to be used for all session cookies created for this >+ Context. If not set, the context path will be used. Note that this will >+ be overridden by the <strong>emptySessionPath</strong> attribute on the >+ connector used to access this Context.</p> >+ </attribute> >+ > <attribute name="wrapperClass" required="false"> > <p>Java class name of the <code>org.apache.catalina.Wrapper</code> > implementation class that will be used for servlets managed by this >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=681320">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 899266
: 681320 |
681321
|
681322