etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Disable acceptence of old-fashion URL form for console access

This commit is contained in:
Kelven Yang 2013-03-07 18:39:33 -08:00
parent 409ec9c6b6
commit 37bab18c68
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
services/console-proxy/server/src/com/cloud/consoleproxy/ConsoleProxyHttpHandlerHelper.java
View File

@ -49,7 +49,9 @@ public class ConsoleProxyHttpHandlerHelper {
if(map.get("token") != null) {
ConsoleProxyPasswordBasedEncryptor encryptor = new ConsoleProxyPasswordBasedEncryptor(
ConsoleProxy.getEncryptorPassword());
// make sure we get information from token only
map.clear();
ConsoleProxyClientParam param = encryptor.decryptObject(ConsoleProxyClientParam.class, map.get("token"));
if(param != null) {
if(param.getClientHostAddress() != null)
@ -67,6 +69,9 @@ public class ConsoleProxyHttpHandlerHelper {
if(param.getTicket() != null)
map.put("ticket", param.getTicket());
}
} else {
// we no longer accept information from parameter other than token
map.clear();
}
return map;