CS-18149: UI - no longer store sessionKey in cookie. After

... this change, opening the 2nd browser window (of the same domain) will show login screen (i.e. user has to enter credentials again) and will cause the 1st browser window session timeout. Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com> (cherry picked from commit 19e3c0168e) Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2015-03-13 13:14:42 +05:30 · 2015-03-13 13:14:42 +05:30 · a308f37232
parent b9d624dae0
commit a308f37232
1 changed files with 7 additions and 10 deletions
--- a/ui/scripts/cloudStack.js
+++ b/ui/scripts/cloudStack.js
@ -105,10 +105,10 @@
            bypassLoginCheck: function(args) { //determine to show or bypass login screen
                if (g_loginResponse == null) { //show login screen
                    /*
-           but if this is a 2nd browser window (of the same domain), login screen still won't show because $.cookie('sessionKey') is valid for 2nd browser window (of the same domain) as well.
-           i.e. calling listCapabilities API with g_sessionKey from $.cookie('sessionKey') will succeed,
-           then userValid will be set to true, then an user object (instead of "false") will be returned, then login screen will be bypassed.
-           */
+                     * Since we no longer store sessionKey in cookie, opening the
+                     * 2nd browser window (of the same domain) will show login screen (i.e. user has to
+                     * enter credentials again) and will cause the 1st browser window session timeout.
+                     */
                    var unBoxCookieValue = function (cookieName) {
                        var cookieValue = $.cookie(cookieName);
                        if (cookieValue && cookieValue.length > 2 && cookieValue[0] === '"' && cookieValue[cookieValue.length-1] === '"') {
@ -117,7 +117,7 @@
                        }
                        return cookieValue;
                    };
-                    g_sessionKey = unBoxCookieValue('sessionKey');
+                    g_sessionKey = unBoxCookieValue('JSESSIONID');
                    g_role = unBoxCookieValue('role');
                    g_userid = unBoxCookieValue('userid');
                    g_domainid = unBoxCookieValue('domainid');
@ -226,9 +226,6 @@
                        g_timezone = loginresponse.timezone;                        
                        g_userfullname = loginresponse.firstname + ' ' + loginresponse.lastname;

-                        $.cookie('sessionKey', g_sessionKey, {
-                            expires: 1
-                        });
                        $.cookie('username', g_username, {
                            expires: 1
                        });
@ -324,7 +321,7 @@
                        g_regionsecondaryenabled = null;
                        g_loginCmdText = null;
                        
-                        $.cookie('sessionKey', null);
+                        $.cookie('JSESSIONID', null);
                        $.cookie('username', null);
                        $.cookie('account', null);
                        $.cookie('domainid', null);
@ -347,7 +344,7 @@
            },

            samlLoginAction: function(args) {
-                $.cookie('sessionKey', null);
+                $.cookie('JSESSIONID', null);
                $.cookie('username', null);
                $.cookie('account', null);
                $.cookie('domainid', null);