From 37bab18c68fdb3492429c7d935958d774cb60205 Mon Sep 17 00:00:00 2001
From: Kelven Yang
Date: Thu, 7 Mar 2013 18:39:33 -0800
Subject: [PATCH] Disable acceptence of old-fashion URL form for console access
---
 .../cloud/consoleproxy/ConsoleProxyHttpHandlerHelper.java | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/services/console-proxy/server/src/com/cloud/consoleproxy/ConsoleProxyHttpHandlerHelper.java b/services/console-proxy/server/src/com/cloud/consoleproxy/ConsoleProxyHttpHandlerHelper.java
index 7756d01cd7f..7f79bae657f 100644
--- a/services/console-proxy/server/src/com/cloud/consoleproxy/ConsoleProxyHttpHandlerHelper.java
+++ b/services/console-proxy/server/src/com/cloud/consoleproxy/ConsoleProxyHttpHandlerHelper.java
@@ -49,7 +49,9 @@ public class ConsoleProxyHttpHandlerHelper {
 if(map.get("token") != null) {
 ConsoleProxyPasswordBasedEncryptor encryptor = new ConsoleProxyPasswordBasedEncryptor(
 ConsoleProxy.getEncryptorPassword());
-
+
+ // make sure we get information from token only
+ map.clear();
 ConsoleProxyClientParam param = encryptor.decryptObject(ConsoleProxyClientParam.class, map.get("token"));
 if(param != null) {
 if(param.getClientHostAddress() != null)
@@ -67,6 +69,9 @@ public class ConsoleProxyHttpHandlerHelper {
 if(param.getTicket() != null)
 map.put("ticket", param.getTicket());
 }
+ } else {
+ // we no longer accept information from parameter other than token
+ map.clear();
 }
 return map;
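Review bot: The added `map.clear();` runs before `map.get("token")` is read on the very next line, so `decryptObject` is handed `null` instead of the encrypted token and the token branch can no longer recover any parameters. How `decryptObject` treats a null input is not visible here, but at best every token-based console request now comes back with an empty map. Capture the value first with `String token = map.get("token");` ahead of `map.clear();` and pass `token` to `decryptObject`; this assumes the map holds String values, which the hunk does not show. The enclosing method starts and ends outside the hunk.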
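Review bot: The new `else` branch empties the whole map, which drops every request parameter rather than only the ones the token is meant to be authoritative for. If handlers read other query values from the returned map (not visible in this hunk), they lose them silently, so removing just the keys that the token branch populates would be a narrower guard with the same effect. A request rejected here also leaves no trace, and a log line noting that a token-less request was refused, without echoing the parameter values, would give operators something to alert on. The existing comment could state the intent more directly, for example `// no token: discard all caller-supplied parameters so nothing unauthenticated reaches the handlers`.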