List of usage examples for javax.servlet.http Cookie setPath
public void setPath(String uri)
From source file:com.persistent.cloudninja.controller.LogoutFilter.java
private void removeCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String authCookieName) {/* www . j a v a 2 s .com*/ Cookie[] cookies = httpServletRequest.getCookies(); Cookie currentCookie = null; if (cookies != null && cookies.length > 0) { for (Cookie c : cookies) { if (authCookieName.equals(c.getName())) { currentCookie = c; currentCookie.setMaxAge(0); currentCookie.setValue(""); currentCookie.setPath("/"); httpServletResponse.addCookie(currentCookie); } } } }
From source file:com.vmware.identity.openidconnect.server.AuthenticationRequestProcessor.java
private Cookie loggedInSessionCookie(SessionID sessionId) { Cookie cookie = new Cookie(SessionManager.getSessionCookieName(this.tenant), sessionId.getValue()); cookie.setPath("/openidconnect"); cookie.setSecure(true);//from ww w. j a va 2 s . co m cookie.setHttpOnly(true); return cookie; }
From source file:org.exoplatform.login.openid.OpenIDConsumerServlet.java
private void processReturn(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { Identifier identifier = this.verifyResponse(req); log.debug("identifier: " + identifier); if (identifier != null) { Cookie c = new Cookie(OpenIDUtils.OPENID_IDENTIFIER_TOKEN, identifier.getIdentifier()); c.setMaxAge(300);/*from w w w .j a va2 s .co m*/ c.setPath("/"); resp.addCookie(c); } resp.sendRedirect(this.openid_portlet_url); }
From source file:io.interface21.CsrfHeaderFilter.java
@Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName()); if (csrf != null) { Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN"); String token = csrf.getToken(); if (cookie == null || token != null && !token.equals(cookie.getValue())) { // Angular is capable to handle CSRF protection and expected a token with name XSRF-TOKEN cookie = new Cookie("XSRF-TOKEN", token); cookie.setPath("/"); response.addCookie(cookie);//from ww w.j a v a2 s . c o m } } filterChain.doFilter(request, response); }
From source file:net.e2.bw.idreg.client.keycloak.KeycloakClient.java
/** {@inheritDoc} */ public void redirectToAuthServer(HttpServletResponse response, String callbackUrl) throws IOException { // Create a state code used for Cross-Site Request Forgery (CSRF, XSRF) prevention String state = OIDCUtils.getStateCode(); // Set up cookie used for Cross-Site Request Forgery (CSRF, XSRF) prevention Cookie cookie = new Cookie(OAUTH_TOKEN_REQUEST_STATE, state); //cookie.setSecure(isSecure); cookie.setPath("/"); response.addCookie(cookie);//ww w. ja v a 2s. c o m // Redirect to the authentication request String url = config.getAuthRequest(callbackUrl, state); log.log(Level.FINE, "Redirecting to auth request: " + url); response.sendRedirect(url); }
From source file:com.erudika.para.security.CachedCsrfTokenRepository.java
private void storeTokenAsCookie(CsrfToken token, HttpServletRequest request, HttpServletResponse response) { if (isValidButNotInCookie(token, request)) { Cookie c = new Cookie(cookieName, token.getToken()); c.setMaxAge(Config.SESSION_TIMEOUT_SEC.intValue()); // don't enable HttpOnly - javascript can't access the cookie if enabled c.setHttpOnly(false);/* w ww . java 2s .c o m*/ c.setPath("/"); response.addCookie(c); } }
From source file:com.ctc.storefront.controllers.misc.AddToCartController.java
private void setCookie(final HttpServletResponse response, final CartData cartData) { final Cookie cookie = new Cookie("cartQuantity", String.valueOf(cartData.getTotalUnitCount())); cookie.setMaxAge(60 * 60);//from www .j a va 2 s . c o m cookie.setPath("/"); cookie.setDomain(siteConfigService.getString(CART_COUNT_COOKIE_DOMAIN_NAME, ".ctc.com")); response.addCookie(cookie); }
From source file:com.hypersocket.session.json.SessionUtils.java
public void addAPISession(HttpServletRequest request, HttpServletResponse response, Session session) { Cookie cookie = new Cookie(HYPERSOCKET_API_SESSION, session.getId()); cookie.setMaxAge(60 * session.getTimeout()); cookie.setSecure(request.getProtocol().equalsIgnoreCase("https")); cookie.setPath("/"); //cookie.setDomain(request.getServerName()); response.addCookie(cookie);//from w ww . j av a 2 s . com }
From source file:org.jasig.portal.portlet.container.services.SessionOnlyPortletCookieImpl.java
@Override public Cookie toCookie() { Cookie cookie = new Cookie(name, value); cookie.setComment(comment);/*from w w w . j a v a 2s. c o m*/ if (domain != null) { cookie.setDomain(domain); } cookie.setMaxAge(getMaxAge()); cookie.setPath(path); cookie.setSecure(secure); cookie.setVersion(version); return cookie; }
From source file:nl.strohalm.cyclos.controls.access.LoginAction.java
private void storeCookie(final HttpServletRequest request, final HttpServletResponse response, final boolean force) { final String queryString = StringHelper.removeMarkupTags(request.getQueryString()); if (force || StringUtils.isNotEmpty(queryString)) { // Store the query string as a cookie in order to be restored on logout final Cookie queryStringCookie = new Cookie("loginQueryString", StringHelper.encodeUrl(queryString)); queryStringCookie.setPath(request.getContextPath()); response.addCookie(queryStringCookie); }// w ww . j a va 2 s .co m if (force) { // Remove the after logout cookie (received on external login) final Cookie afterLogoutCookie = new Cookie("afterLogout", null); afterLogoutCookie.setPath(request.getContextPath()); response.addCookie(afterLogoutCookie); } }