List of usage examples for javax.servlet.http Cookie setPath
public void setPath(String uri)
From source file:org.josso.gl2.agent.SSOAgentValve.java
/** * This creates a new JOSSO Cookie for the given path and value. * * @param path the path associated with the cookie, normaly the partner application context. * @param value the SSO Session ID//from w w w. j av a 2 s .c om * @param type le type du cookie * @return */ private Cookie newJossoCookie2(String path, String value, String type) { // Some browsers don't like cookies without paths. This is useful for partner applications configured in the root context if (path == null || "".equals(path)) path = "/"; Cookie ssoCookie = new Cookie(type, value); ssoCookie.setMaxAge(-1); ssoCookie.setPath(path); // TODO : Check domain / secure ? //ssoCookie.setDomain(cfg.getSessionTokenScope()); //ssoCookie.setSecure(true); return ssoCookie; }
From source file:org.jahia.bin.Render.java
public void addCookie(HttpServletRequest req, HttpServletResponse resp) { if (req.getParameter(COOKIE_NAME) != null && req.getParameter(COOKIE_VALUE) != null) { Cookie cookie = new Cookie(req.getParameter(COOKIE_NAME), req.getParameter(COOKIE_VALUE)); cookie.setMaxAge(60 * 60 * 24 * cookieExpirationInDays); if (req.getParameter(COOKIE_PATH) != null) cookie.setPath(req.getParameter(COOKIE_PATH)); else {//from w w w. j a v a 2s .c om cookie.setPath("/"); } resp.addCookie(cookie); } }
From source file:org.openedit.entermedia.modules.AdminModule.java
public void savePasswordAsCookie(User user, WebPageRequest inReq) throws OpenEditException { if (user.isVirtual()) { log.debug("User is virtual. Not saving cookie"); return;/*from ww w .j a va2 s .co m*/ } HttpServletResponse res = inReq.getResponse(); if (res != null) { String name = createMd5CookieName(inReq, true); try { String md5 = getCookieEncryption().getPasswordMd5(user.getPassword()); String value = user.getUserName() + "md542" + md5; Cookie cookie = new Cookie(name, value); cookie.setMaxAge(Integer.MAX_VALUE); //Needs new servelet api jar // cookie.setHttpOnly(true); cookie.setPath("/"); // http://www.unix.org.ua/orelly/java-ent/servlet/ch07_04.htm This does not really work. It tends to not send the data res.addCookie(cookie); inReq.putPageValue("entermediakey", value); } catch (Exception ex) { throw new OpenEditException(ex); } //TODO: Add a new alternative cookie that will auto login the user by passing the md5 of a secret key + their password //TODO: If the MD5 matches on both sides then we are ok to log them in } }
From source file:com.adito.security.DefaultLogonController.java
private SessionInfo addLogonTicket(HttpServletRequest request, HttpServletResponse response, User user, InetAddress address, int sessionType) { String logonTicket = TicketGenerator.getInstance().generateUniqueTicket("SLX"); if (log.isInfoEnabled()) log.info("Adding logon ticket to session " + request.getSession().getId()); request.getSession().setAttribute(Constants.LOGON_TICKET, logonTicket); request.setAttribute(Constants.LOGON_TICKET, logonTicket); String userAgent = request.getHeader("User-Agent"); SessionInfo info = SessionInfo.nextSession(request.getSession(), logonTicket, user, address, sessionType, userAgent);/*w ww . j a v a2 s .co m*/ request.getSession().setAttribute(Constants.SESSION_INFO, info); try { String sessionIdentifier = SystemProperties.get("adito.cookie", "JSESSIONID"); String sessionId = null; Cookie[] cookies = request.getCookies(); for (int i = 0; cookies != null && i < cookies.length; i++) { if (cookies[i].getName().equalsIgnoreCase(sessionIdentifier)) { sessionId = cookies[i].getValue(); break; } } if (sessionId != null) { logonsBySessionId.put(sessionId, info); } else log.warn("Could not find session id using identifier " + sessionIdentifier + " in HTTP request"); } catch (Exception ex) { log.warn("Failed to determine HTTP session id", ex); } logons.put(logonTicket, info); /** * Set the normal logon ticket without a domain - this works in almost * all circumstances */ Cookie cookie = new Cookie(Constants.LOGON_TICKET, logonTicket); cookie.setMaxAge(Property.getPropertyInt(new SystemConfigKey("security.session.maxCookieAge"))); cookie.setPath("/"); cookie.setSecure(true); response.addCookie(cookie); /** * Set a logon ticket for the domain - this is require to make active * dns work. */ Cookie cookie2 = new Cookie(Constants.DOMAIN_LOGON_TICKET, logonTicket); cookie2.setMaxAge(Property.getPropertyInt(new SystemConfigKey("security.session.maxCookieAge"))); cookie2.setPath("/"); // We now set the domain on the cookie so the new Active DNS feature for // Reverse Proxy works correctly String host = request.getHeader("Host"); if (host != null) { HostService hostService = new HostService(host); cookie2.setDomain(hostService.getHost()); } cookie.setSecure(true); response.addCookie(cookie2); return info; }
From source file:com.sslexplorer.security.DefaultLogonController.java
private SessionInfo addLogonTicket(HttpServletRequest request, HttpServletResponse response, User user, InetAddress address, int sessionType) { String logonTicket = TicketGenerator.getInstance().generateUniqueTicket("SLX"); if (log.isInfoEnabled()) log.info("Adding logon ticket to session " + request.getSession().getId()); request.getSession().setAttribute(Constants.LOGON_TICKET, logonTicket); request.setAttribute(Constants.LOGON_TICKET, logonTicket); String userAgent = request.getHeader("User-Agent"); SessionInfo info = SessionInfo.nextSession(request.getSession(), logonTicket, user, address, sessionType, userAgent);//from w ww.j a v a 2 s . c o m request.getSession().setAttribute(Constants.SESSION_INFO, info); try { String sessionIdentifier = SystemProperties.get("sslexplorer.cookie", "JSESSIONID"); String sessionId = null; Cookie[] cookies = request.getCookies(); for (int i = 0; cookies != null && i < cookies.length; i++) { if (cookies[i].getName().equalsIgnoreCase(sessionIdentifier)) { sessionId = cookies[i].getValue(); break; } } if (sessionId != null) { logonsBySessionId.put(sessionId, info); } else log.warn("Could not find session id using identifier " + sessionIdentifier + " in HTTP request"); } catch (Exception ex) { log.warn("Failed to determine HTTP session id", ex); } logons.put(logonTicket, info); /** * Set the normal logon ticket without a domain - this works in almost * all circumstances */ Cookie cookie = new Cookie(Constants.LOGON_TICKET, logonTicket); cookie.setMaxAge(Property.getPropertyInt(new SystemConfigKey("security.session.maxCookieAge"))); cookie.setPath("/"); cookie.setSecure(true); response.addCookie(cookie); /** * Set a logon ticket for the domain - this is require to make active * dns work. */ Cookie cookie2 = new Cookie(Constants.DOMAIN_LOGON_TICKET, logonTicket); cookie2.setMaxAge(Property.getPropertyInt(new SystemConfigKey("security.session.maxCookieAge"))); cookie2.setPath("/"); // We now set the domain on the cookie so the new Active DNS feature for // Reverse Proxy works correctly String host = request.getHeader("Host"); if (host != null) { HostService hostService = new HostService(host); cookie2.setDomain(hostService.getHost()); } cookie.setSecure(true); response.addCookie(cookie2); return info; }
From source file:com.adito.security.DefaultLogonController.java
public void addCookies(RequestHandlerRequest request, RequestHandlerResponse response, String logonTicket, SessionInfo session) {/*from w ww . j av a 2 s . c o m*/ if (request.getAttribute("sslx.logon.cookie") != null) return; /** * Set the normal logon ticket without a domain - this works in almost * all circumstances */ Cookie cookie = new Cookie(Constants.LOGON_TICKET, logonTicket); cookie.setMaxAge(Property.getPropertyInt(new SystemConfigKey("security.session.maxCookieAge"))); cookie.setPath("/"); cookie.setSecure(true); response.addCookie(cookie); /** * Set a logon ticket for the domain - this is require to make active * dns work. */ Cookie cookie2 = new Cookie(Constants.DOMAIN_LOGON_TICKET, logonTicket); cookie2.setMaxAge(Property.getPropertyInt(new SystemConfigKey("security.session.maxCookieAge"))); cookie2.setPath("/"); // We now set the domain on the cookie so the new Active DNS feature for // Reverse Proxy works correctly String host = request.getField("Host"); if (host != null) { HostService hostService = new HostService(host); cookie2.setDomain(hostService.getHost()); } cookie2.setSecure(true); response.addCookie(cookie2); request.setAttribute("sslx.logon.cookie", new Object()); /** * LDP - This code was not setting the domain on the ticket. I've * converted to the new format of having two seperate tickets to ensure * tickets are sent across domains */ /* * Cookie cookie = new Cookie(Constants.LOGON_TICKET, logonTicket); try { * cookie.setMaxAge(Integer.parseInt(CoreServlet.getServlet().getPropertyDatabase().getProperty(0, * null, "security.session.maxCookieAge"))); if * ("true".equals(CoreServlet.getServlet().getPropertyDatabase().getProperty(0, * null, "security.session.lockSessionOnBrowserClose"))) { if * (log.isInfoEnabled()) log.info("New session - will force the user to * authenticate again"); // initialiseSession(request.getSession(), * user); // List profiles = // * CoreServlet.getServlet().getPropertyDatabase().getPropertyProfiles(user.getUsername(), // * false); // request.getSession().setAttribute(Constants.PROFILES, // * profiles); * request.getSession().setAttribute(Constants.SESSION_LOCKED, user); } } * catch (Exception e) { log.error(e); cookie.setMaxAge(900); } * cookie.setPath("/"); cookie.setSecure(true); * response.addCookie(cookie); */ // }
From source file:com.konakart.actions.BaseAction.java
/** * Utility method to get the CustomerUuid from the browser cookie and create the cookie if it * doesn't exist.//from w ww. j a v a2 s. c o m * * @param request * @return Returns the CustomerUuid */ private String getCustomerUuidFromBrowserCookie(HttpServletRequest request, HttpServletResponse response) { /* * Try to find the cookie we are looking for */ Cookie[] cookies = request.getCookies(); String uuid = null; if (cookies != null) { for (int i = 0; i < cookies.length; i++) { Cookie cookie = cookies[i]; String cookieName = cookie.getName(); if (cookieName.equals(CUSTOMER_UUID)) { /* * If we find the cookie we get the value and update the max age. */ uuid = cookie.getValue(); cookie.setMaxAge(COOKIE_MAX_AGE_IN_SECS); cookie.setPath("/"); response.addCookie(cookie); } } } /* * If the browser cookie doesn't exist then we have to create it and store a newly created * UUID string */ if (uuid == null) { UUID uuidObject = UUID.randomUUID(); uuid = uuidObject.toString(); /* * Create a browser cookie with the UUID */ Cookie uuidCookie = new Cookie(CUSTOMER_UUID, uuid); uuidCookie.setMaxAge(COOKIE_MAX_AGE_IN_SECS); uuidCookie.setPath("/"); response.addCookie(uuidCookie); } return uuid; }
From source file:com.exilant.exility.core.HtmlRequestHandler.java
/** * Carry out login rituals after a successful execution of login service * /*from w w w .j a v a 2s . c o m*/ * @param req * @param resp * @param data * @return */ private boolean doLogin(HttpServletRequest req, HttpServletResponse resp, ServiceData data) { if (data.getErrorStatus() != CommonFieldNames.SEVERITY_SUCCESS) { return false; } req.getSession().setAttribute(AP.loggedInUserFieldName, data.getValue(AP.loggedInUserFieldName)); // set cookies Cookie cookie = new Cookie(AP.loggedInUserFieldName, data.getValue(AP.loggedInUserFieldName)); Date now = DateUtility.addDays(new Date(), 400); cookie.setMaxAge((int) now.getTime()); resp.addCookie(cookie); if (AP.setCookies != null) { for (String name : AP.setCookies) { cookie = new Cookie(name, data.getValue(name)); cookie.setPath(req.getContextPath()); if (data.hasValue(name)) { Spit.out(" cookie " + name + " is set with value = " + data.getValue(name)); cookie.setMaxAge((int) now.getTime()); } else { // we have to remove the cookie Spit.out(name + " does not have value and hence cookie is not set"); cookie.setMaxAge(-12); } resp.addCookie(cookie); } } data.addValue("*_usersession", req.getSession().getId()); this.addGlobalDataToSession(req, data); // TEXTILE needs the following four lines /* * ExilityInterface.Bridge br = new ExilityInterface.Bridge(); * DataCollection dc = new DataCollection(); dc.CopyFrom(data); * br.AddoldVersionGlobalValues(dc, ctx); */ if (AP.cleanserName != null) { ServiceCleanserInterface serviceCleanser = ServiceCleansers.getCleanser(AP.cleanserName); if (serviceCleanser == null) { data.addError(AP.cleanserName + " is not a valid cleanser name."); return false; } if (!serviceCleanser.cleanseAfterService(req, data)) { { data.addMessage("cleanseAfterServiceFailed", AP.cleanserName); return false; } } } return true; }
From source file:com.openvcx.webcall.ConferenceCreateServlet.java
/** * <p>Lookup a client conference number stored in a cookie. If no phone number is provided by the client a random SIP URI phone number is automatically generated.</p> * <p>A conference definition template file is used to create the conference definition for the phone number.</p> * <p>The auto-assigned phone number is then stored in a cookie and returned to the client.</p> * @param out standard output Output writer * @param request The HTTP request object * @param response The HTTP response object *//*w ww . j a v a2 s . c o m*/ private boolean doCreateNumber(PrintWriter out, HttpServletRequest request, HttpServletResponse response) throws IOException { String strOutputNumber = null; Cookie[] arrCookies = request.getCookies(); if (null != arrCookies) { for (Cookie cookie : arrCookies) { //logger.debug("cookie name: " + cookie.getName() + ", path: " + cookie.getPath() + ", domain: " + cookie.getDomain() + ", maxAge: " + cookie.getMaxAge() + ", value: " + cookie.getValue()); if (COOKIE_NUMBER_KEY.equals(cookie.getName())) { if (null != (strOutputNumber = cookie.getValue()) && strOutputNumber.length() == 0) { strOutputNumber = null; } logger.debug("Using cookie stored conference output number: '" + strOutputNumber + "'."); break; } } } strOutputNumber = createConferenceDefinition(strOutputNumber); if (null != strOutputNumber) { int cookieAgeDays = 7; Cookie cookie = new Cookie(COOKIE_NUMBER_KEY, strOutputNumber); cookie.setMaxAge(cookieAgeDays * SECONDS_IN_DAY); cookie.setPath("/" + getUriDirSegment(request.getRequestURI(), 0) + "/"); logger.debug("Setting cookie " + COOKIE_NUMBER_KEY + "=" + strOutputNumber); response.addCookie(cookie); out.println("number=" + strOutputNumber); } return true; }