From 6c71d3bae1a3a72a9fa4004decdba4a7174f6913 Mon Sep 17 00:00:00 2001
From: Rohit Yadav
Date: Fri, 13 Mar 2015 15:01:11 +0530
Subject: [PATCH] ui: if session cookie exists, use it to set global session holder and invalidate it
The 19e3c0168e744a76b5e1dc24a5eafa776d342404 commit breaks SAML login and any login where redirection is used.
Signed-off-by: Rohit Yadav
(cherry picked from commit b79f13ccb54c6afc48c42bc94c61621dc6cac32d)
Signed-off-by: Rohit Yadav
---
 .../api/command/SAML2LoginAPIAuthenticatorCmd.java | 2 +-
 ui/scripts/cloudStack.js | 14 ++++++++++++--
 2 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
index 3b6b7d37899..de6031c1cff 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
@@ -285,7 +285,7 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthent
 resp.addCookie(new Cookie("domainid", URLEncoder.encode(loginResponse.getDomainId(), HttpUtils.UTF_8)));
 resp.addCookie(new Cookie("role", URLEncoder.encode(loginResponse.getType(), HttpUtils.UTF_8)));
 resp.addCookie(new Cookie("username", URLEncoder.encode(loginResponse.getUsername(), HttpUtils.UTF_8)));
- resp.addCookie(new Cookie("sessionKey", URLEncoder.encode(loginResponse.getSessionKey(), HttpUtils.UTF_8)));
+ resp.addCookie(new Cookie("sessionkey", URLEncoder.encode(loginResponse.getSessionKey(), HttpUtils.UTF_8)));
 resp.addCookie(new Cookie("account", URLEncoder.encode(loginResponse.getAccount(), HttpUtils.UTF_8)));
 resp.addCookie(new Cookie("timezone", URLEncoder.encode(loginResponse.getTimeZone(), HttpUtils.UTF_8)));
 resp.addCookie(new Cookie("userfullname", URLEncoder.encode(loginResponse.getFirstName() + " " + loginResponse.getLastName(), HttpUtils.UTF_8).replace("+", "%20")));
diff --git a/ui/scripts/cloudStack.js b/ui/scripts/cloudStack.js
index 2adb89c961c..55200b68669 100644
--- a/ui/scripts/cloudStack.js
+++ b/ui/scripts/cloudStack.js
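Review bot: The session key leaves the server here in a bare `Cookie` with no `Secure` flag, path or max-age, so the new `sessionkey` cookie is also sent on plain-HTTP requests and lives until `cloudStack.js` gets around to deleting it. It cannot be `HttpOnly`, because the UI must read it with `$.cookie('sessionkey')`, which is exactly why the remaining attributes should be tightened: `Cookie sessionKeyCookie = new Cookie("sessionkey", URLEncoder.encode(loginResponse.getSessionKey(), HttpUtils.UTF_8)); sessionKeyCookie.setSecure(true); resp.addCookie(sessionKeyCookie);`, with `setSecure` gated on the request being HTTPS if this endpoint is ever served over plain HTTP. The surrounding `username`/`account`/… cookies share the pattern but carry less sensitive data. The enclosing method starts and ends outside the hunk.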
@@ -117,14 +117,22 @@
 }
 return cookieValue;
 };
- g_sessionKey = unBoxCookieValue('JSESSIONID');
+ unBoxCookieValue('sessionkey');
+ // if sessionkey cookie exists use this to set g_sessionKey
+ // and destroy sessionkey cookie
+ if ($.cookie('sessionkey')) {
+ g_sessionKey = $.cookie('sessionkey');
+ $.cookie('sessionkey', null);
+ } else {
+ g_sessionKey = unBoxCookieValue('JSESSIONID');
+ }
 g_role = unBoxCookieValue('role');
 g_userid = unBoxCookieValue('userid');
 g_domainid = unBoxCookieValue('domainid');
 g_account = unBoxCookieValue('account');
 g_username = unBoxCookieValue('username');
 g_userfullname = unBoxCookieValue('userfullname');
- g_timezone = unBoxCookieValue('timezone');
+ g_timezone = unBoxCookieValue('timezone');
 } else { //single-sign-on (bypass login screen)
 g_sessionKey = encodeURIComponent(g_loginResponse.sessionkey);
 g_role = g_loginResponse.type;
@@ -322,6 +330,7 @@
 g_loginCmdText = null;
 $.cookie('JSESSIONID', null);
+ $.cookie('sessionkey', null);
 $.cookie('username', null);
 $.cookie('account', null);
 $.cookie('domainid', null);
@@ -345,6 +354,7 @@
 samlLoginAction: function(args) {
 $.cookie('JSESSIONID', null);
+ $.cookie('sessionkey', null);
 $.cookie('username', null);
 $.cookie('account', null);
 $.cookie('domainid', null);
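Review bot: The first added line, `unBoxCookieValue('sessionkey');`, throws its return value away, so it is either dead code or depends on a side effect of `unBoxCookieValue` that is not visible in the hunk, while the `if` below re-reads the cookie through `$.cookie('sessionkey')` twice. The two branches also leave `g_sessionKey` in different shapes — whatever `$.cookie` returns for the server's URL-encoded value in one case, the unboxed `JSESSIONID` in the other — so it is worth confirming the API layer accepts both, given that the SSO branch further down goes through `encodeURIComponent`. I would drop the stray call and read the cookie once: `var sessionKeyCookie = $.cookie('sessionkey'); if (sessionKeyCookie) { g_sessionKey = sessionKeyCookie; $.cookie('sessionkey', null); }`. The enclosing function starts and ends outside the hunk.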
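Review bot: `$.cookie('sessionkey', null)` only removes the cookie when the path and domain jquery.cookie writes on the expiring cookie match those the browser stored for the original, and the server side of this commit creates the `sessionkey` cookie without a `setPath` call, so the browser scopes it to the directory of the SAML response URL; if that directory differs from the UI page's path, this delete silently writes a second, already-expired cookie and the session key stays in the browser. Pin the path on both sides — `$.cookie('sessionkey', null, { path: '/' })` here and a matching `setPath("/")` on the `Cookie` in `SAML2LoginAPIAuthenticatorCmd` — or verify that the two default paths coincide. The pre-existing `JSESSIONID`/`username`/… deletions carry the same caveat. The enclosing logout handler starts and ends outside the hunk.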
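Review bot: This is the second hand-maintained copy of the cookie-clearing list — the logout path above clears the same set — and the new `sessionkey` entry had to be added to both; the next cookie added to one list and forgotten in the other leaves a credential behind after logout or re-login. A single helper, e.g. `var clearSessionCookies = function() { /* the $.cookie(name, null) calls */ };`, called from both `samlLoginAction` and the logout handler would keep the list in one place. `samlLoginAction` continues outside the hunk.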