From 0b68bf2ead4f0902945f63601cf5c8b80046f8fb Mon Sep 17 00:00:00 2001
From: Jessica Wang
Date: Fri, 13 Mar 2015 13:14:42 +0530
Subject: [PATCH] CS-18149: UI - no longer store sessionKey in cookie. After ... this change, opening the 2nd browser window (of the same domain) will show login screen (i.e. user has to enter credentials again) and will cause the 1st browser window session timeout.
Signed-off-by: Rohit Yadav
Conflicts: ui/scripts/cloudStack.js
---
 ui/scripts/cloudStack.js | 53 +++++++++++++++++++++++-----------------
 1 file changed, 31 insertions(+), 22 deletions(-)
diff --git a/ui/scripts/cloudStack.js b/ui/scripts/cloudStack.js
index b6dd5593345..367a0df9b0c 100644
--- a/ui/scripts/cloudStack.js
+++ b/ui/scripts/cloudStack.js
@@ -125,23 +125,26 @@ bypassLoginCheck: function(args) {
 //determine to show or bypass login screen
 if (g_loginResponse == null) { //show login screen
 /*
- but if this is a 2nd browser window (of the same domain), login screen still won't show because $.cookie('sessionKey') is valid for 2nd browser window (of the same domain) as well.
- i.e. calling listCapabilities API with g_sessionKey from $.cookie('sessionKey') will succeed,
- then userValid will be set to true, then an user object (instead of "false") will be returned, then login screen will be bypassed.
- */
- g_mySession = $.cookie('JSESSIONID');
- g_sessionKey = $.cookie('sessionKey');
- g_role = $.cookie('role');
- g_username = $.cookie('username');
- g_userid = $.cookie('userid');
- g_account = $.cookie('account');
- g_domainid = $.cookie('domainid');
- g_userfullname = $.cookie('userfullname');
- g_timezone = $.cookie('timezone');
- if ($.cookie('timezoneoffset') != null)
- g_timezoneoffset = isNaN($.cookie('timezoneoffset')) ? null : parseFloat($.cookie('timezoneoffset'));
- else
- g_timezoneoffset = null;
+ * Since we no longer store sessionKey in cookie, opening the
+ * 2nd browser window (of the same domain) will show login screen (i.e. user has to
+ * enter credentials again) and will cause the 1st browser window session timeout.
+ */
+ var unBoxCookieValue = function (cookieName) {
+ var cookieValue = $.cookie(cookieName);
+ if (cookieValue && cookieValue.length > 2 && cookieValue[0] === '"' && cookieValue[cookieValue.length-1] === '"') {
+ cookieValue = cookieValue.slice(1, cookieValue.length-1);
+ $.cookie(cookieName, cookieValue, { expires: 1 });
+ }
+ return cookieValue;
+ };
+ g_sessionKey = unBoxCookieValue('JSESSIONID');
+ g_role = unBoxCookieValue('role');
+ g_userid = unBoxCookieValue('userid');
+ g_domainid = unBoxCookieValue('domainid');
+ g_account = unBoxCookieValue('account');
+ g_username = unBoxCookieValue('username');
+ g_userfullname = unBoxCookieValue('userfullname');
+ g_timezone = unBoxCookieValue('timezone');
 } else { //single-sign-on (bypass login screen)
 g_mySession = $.cookie('JSESSIONID');
 g_sessionKey = encodeURIComponent(g_loginResponse.sessionkey);
@@ -272,9 +275,6 @@
 g_timezoneoffset = loginresponse.timezoneoffset;
 g_userfullname = loginresponse.firstname + ' ' + loginresponse.lastname;

- $.cookie('sessionKey', g_sessionKey, {
- expires: 1
- });
 $.cookie('username', g_username, {
 expires: 1
 });
@@ -395,9 +395,8 @@
 g_kvmsnapshotenabled = null;
 g_regionsecondaryenabled = null;
 g_loginCmdText = null;
-
+
 $.cookie('JSESSIONID', null);
- $.cookie('sessionKey', null);
 $.cookie('username', null);
 $.cookie('account', null);
 $.cookie('domainid', null);
@@ -422,6 +421,16 @@
 });
 },
+ samlLoginAction: function(args) {
+ $.cookie('JSESSIONID', null);
+ $.cookie('username', null);
+ $.cookie('account', null);
+ $.cookie('domainid', null);
+ $.cookie('role', null);
+ $.cookie('timezone', null);
+ window.location.href = createURL('samlSso');
+ },
+

 // Show cloudStack main UI widget
 complete: function(args) {
 var context = {
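Review bot: In the `g_loginResponse == null` branch of bypassLoginCheck, `g_mySession` is no longer assigned and `g_timezoneoffset` is neither restored from the cookie nor reset to null, while the removed lines did both and the `else` branch directly below still sets `g_mySession = $.cookie('JSESSIONID')`, so whatever those globals held before the call now survives untouched. Either add `g_mySession = g_sessionKey;` next to the new JSESSIONID read and `g_timezoneoffset = null;` where the removed else-branch assignment was, or state in a comment that both are intentionally left alone on this path. `unBoxCookieValue` also rewrites the cookie as a side effect of reading it via `$.cookie(cookieName, cookieValue, { expires: 1 })`, which extends the cookie's lifetime by a day on every page load and, if the server-issued cookie carried a different path or attributes, would presumably add a second cookie under jquery.cookie's defaults rather than replace the original; that deserves a comment such as `// strips surrounding quotes (presumably added by the server — confirm) and re-issues the cookie so later reads return the bare value`. Reading the session key from JSESSIONID also requires that cookie to be script-readable rather than HttpOnly, which is a deliberate trade-off worth recording next to the assignment. bypassLoginCheck continues outside the hunk.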
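Review bot: samlLoginAction clears JSESSIONID, username, account, domainid, role and timezone but not `userid` or `userfullname`, both of which the first hunk reads back through `unBoxCookieValue` on the next page load, so values left by a previous user can survive the SAML redirect; add `$.cookie('userid', null);` and `$.cookie('userfullname', null);` before the redirect (and timezoneoffset as well if that cookie is still written elsewhere in the file). The same cookie list is spelled out a second time in the logout path at the `@@ -395` hunk, so a shared helper that clears every session cookie would keep the two paths from drifting apart. `args` is unused, and a one-line comment saying that `createURL('samlSso')` starts the SAML sign-on after local session state is cleared would help readers.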