diff --git a/ui/scripts/cloudStack.js b/ui/scripts/cloudStack.js
index b6dd5593345..367a0df9b0c 100644
--- a/ui/scripts/cloudStack.js
+++ b/ui/scripts/cloudStack.js
@@ -125,23 +125,26 @@ bypassLoginCheck: function(args) { //determine to show or bypass login screen if (g_loginResponse == null) { //show login screen /* - but if this is a 2nd browser window (of the same domain), login screen still won't show because $.cookie('sessionKey') is valid for 2nd browser window (of the same domain) as well. - i.e. calling listCapabilities API with g_sessionKey from $.cookie('sessionKey') will succeed, - then userValid will be set to true, then an user object (instead of "false") will be returned, then login screen will be bypassed. - */ - g_mySession = $.cookie('JSESSIONID'); - g_sessionKey = $.cookie('sessionKey'); - g_role = $.cookie('role'); - g_username = $.cookie('username'); - g_userid = $.cookie('userid'); - g_account = $.cookie('account'); - g_domainid = $.cookie('domainid'); - g_userfullname = $.cookie('userfullname'); - g_timezone = $.cookie('timezone'); - if ($.cookie('timezoneoffset') != null) - g_timezoneoffset = isNaN($.cookie('timezoneoffset')) ? null : parseFloat($.cookie('timezoneoffset')); - else - g_timezoneoffset = null; + * Since we no longer store sessionKey in cookie, opening the + * 2nd browser window (of the same domain) will show login screen (i.e. user has to + * enter credentials again) and will cause the 1st browser window session timeout. 
+ */ + var unBoxCookieValue = function (cookieName) { + var cookieValue = $.cookie(cookieName); + if (cookieValue && cookieValue.length > 2 && cookieValue[0] === '"' && cookieValue[cookieValue.length-1] === '"') { + cookieValue = cookieValue.slice(1, cookieValue.length-1); + $.cookie(cookieName, cookieValue, { expires: 1 }); + } + return cookieValue; + }; + g_sessionKey = unBoxCookieValue('JSESSIONID'); + g_role = unBoxCookieValue('role'); + g_userid = unBoxCookieValue('userid'); + g_domainid = unBoxCookieValue('domainid'); + g_account = unBoxCookieValue('account'); + g_username = unBoxCookieValue('username'); + g_userfullname = unBoxCookieValue('userfullname'); + g_timezone = unBoxCookieValue('timezone'); } else { //single-sign-on (bypass login screen) g_mySession = $.cookie('JSESSIONID'); g_sessionKey = encodeURIComponent(g_loginResponse.sessionkey); @@ -272,9 +275,6 @@ g_timezoneoffset = loginresponse.timezoneoffset; g_userfullname = loginresponse.firstname + ' ' + loginresponse.lastname; - $.cookie('sessionKey', g_sessionKey, { - expires: 1 - }); $.cookie('username', g_username, { expires: 1 }); @@ -395,9 +395,8 @@ g_kvmsnapshotenabled = null; g_regionsecondaryenabled = null; g_loginCmdText = null; - + $.cookie('JSESSIONID', null); - $.cookie('sessionKey', null); $.cookie('username', null); $.cookie('account', null); $.cookie('domainid', null); @@ -422,6 +421,16 @@ }); }, + samlLoginAction: function(args) { + $.cookie('JSESSIONID', null); + $.cookie('username', null); + $.cookie('account', null); + $.cookie('domainid', null); + $.cookie('role', null); + $.cookie('timezone', null); + window.location.href = createURL('samlSso'); + }, + // Show cloudStack main UI widget complete: function(args) { var context = {
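Review bot: `unBoxCookieValue` writes every unquoted value back with `$.cookie(cookieName, cookieValue, { expires: 1 })`, and because it is also called for `JSESSIONID`, the session cookie is re-issued from script as a one-day persistent cookie with none of the `path` or `secure` attributes the server may have set. Reading `JSESSIONID` into `g_sessionKey` also means that cookie can never be marked `HttpOnly`, and presumably the session id then travels wherever `g_sessionKey` is appended to requests (not visible here). I would skip the write-back for the session cookie, e.g. `if (cookieName !== 'JSESSIONID') $.cookie(cookieName, cookieValue, { expires: 1 });`, and keep the request token distinct from the session id. This branch also no longer assigns `g_mySession` or `g_timezoneoffset`, which the removed lines did, so confirm nothing reads them after a cookie-based resume; `bypassLoginCheck` continues outside the hunk.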
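Review bot: `samlLoginAction` clears six cookies before redirecting but leaves `userid` and `userfullname`, both of which `bypassLoginCheck` reads back in the first hunk of this diff, so values from a previous user can survive the SAML round trip unless the server overwrites them (not visible here). Add `$.cookie('userid', null);` and `$.cookie('userfullname', null);` to the list. The list duplicates the logout cleanup in the preceding hunk, so a shared helper would keep the two from drifting apart. Note also that `$.cookie('JSESSIONID', null)` only removes a cookie that script can see on the current path, so the server side should still invalidate the old session when the SAML login completes.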