
SEC-206: Include context root when generating cookies.

Ben Alex 19 سال پیش
والد
کامیت
6bae43d380
1فایلهای تغییر یافته به همراه7 افزوده شده و 5 حذف شده
  1. 7 5
      core/src/main/java/org/acegisecurity/ui/rememberme/TokenBasedRememberMeServices.java

+ 7 - 5
core/src/main/java/org/acegisecurity/ui/rememberme/TokenBasedRememberMeServices.java

@@ -262,7 +262,7 @@ public class TokenBasedRememberMeServices implements RememberMeServices,
             logger.debug("Cancelling cookie for reason: " + reasonForLog);
         }
 
-        response.addCookie(makeCancelCookie());
+        response.addCookie(makeCancelCookie(request));
     }
 
     public String getKey() {
@@ -330,7 +330,7 @@ public class TokenBasedRememberMeServices implements RememberMeServices,
         String tokenValue = username + ":" + expiryTime + ":" + signatureValue;
         String tokenValueBase64 = new String(Base64.encodeBase64(
                     tokenValue.getBytes()));
-        response.addCookie(makeValidCookie(expiryTime, tokenValueBase64));
+        response.addCookie(makeValidCookie(expiryTime, tokenValueBase64, request));
 
         if (logger.isDebugEnabled()) {
             logger.debug("Added remember-me cookie for user '" + username
@@ -338,19 +338,21 @@ public class TokenBasedRememberMeServices implements RememberMeServices,
         }
     }
 
-    protected Cookie makeCancelCookie() {
+    protected Cookie makeCancelCookie(HttpServletRequest request) {
         Cookie cookie = new Cookie(ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
                 null);
         cookie.setMaxAge(0);
+        cookie.setPath(request.getContextPath());
 
         return cookie;
     }
 
-    protected Cookie makeValidCookie(long expiryTime, String tokenValueBase64) {
+    protected Cookie makeValidCookie(long expiryTime, String tokenValueBase64, HttpServletRequest request) {
         Cookie cookie = new Cookie(ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
                 tokenValueBase64);
         cookie.setMaxAge(60 * 60 * 24 * 365 * 5); // 5 years
-
+        cookie.setPath(request.getContextPath());
+        
         return cookie;
     }
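Review bot: `request.getContextPath()` returns an empty string when the application is deployed as the root context, so the two new `cookie.setPath(request.getContextPath())` calls in makeCancelCookie and makeValidCookie can pass `""` as the path. With no usable Path attribute the browser will most likely fall back to the directory of the request URL, so the remember-me cookie and the cancel cookie can end up with different scopes depending on which URL issued them, and a logout may leave the signed token in the browser. Both methods should normalise the value, e.g. `String path = request.getContextPath();` followed by `cookie.setPath(path.length() > 0 ? path : "/");`. Separately, adding a parameter to these protected methods means a subclass that overrode the old `makeValidCookie(long, String)` or `makeCancelCookie()` (for instance to set the Secure flag) would compile but no longer be called, which is worth stating in the Javadoc or release notes.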