Clean up cookie creation - use version 1, set path to IdP context, use session scoped...

git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/branches/REL_2@2875 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

diff --git a/src/main/java/edu/internet2/middleware/shibboleth/idp/authn/AuthenticationEngine.java b/src/main/java/edu/internet2/middleware/shibboleth/idp/authn/AuthenticationEngine.java
index e66c53f..c241e32 100644 (file)
--- a/src/main/java/edu/internet2/middleware/shibboleth/idp/authn/AuthenticationEngine.java
+++ b/src/main/java/edu/internet2/middleware/shibboleth/idp/authn/AuthenticationEngine.java
@@ -704,18 +704,11 @@ public class AuthenticationEngine extends HttpServlet {
         cookieValue.append(Base64.encodeBytes(remoteAddress, Base64.DONT_BREAK_LINES)).append("|");
         cookieValue.append(Base64.encodeBytes(sessionId, Base64.DONT_BREAK_LINES)).append("|");
         cookieValue.append(signature);
+        
         Cookie sessionCookie = new Cookie(IDP_SESSION_COOKIE_NAME, HTTPTransportUtils.urlEncode(cookieValue.toString()));
-
-        String contextPath = httpRequest.getContextPath();
-        if (DatatypeHelper.isEmpty(contextPath)) {
-            sessionCookie.setPath("/");
-        } else {
-            sessionCookie.setPath(contextPath);
-        }
-
+        sessionCookie.setVersion(1);
+        sessionCookie.setPath(httpRequest.getContextPath() == "" ? "/" : httpRequest.getContextPath());
         sessionCookie.setSecure(httpRequest.isSecure());
-        sessionCookie.setMaxAge(-1);
-
         httpResponse.addCookie(sessionCookie);
     }
 }
\ No newline at end of file

diff --git a/src/main/java/edu/internet2/middleware/shibboleth/idp/util/HttpServletHelper.java b/src/main/java/edu/internet2/middleware/shibboleth/idp/util/HttpServletHelper.java
index 8a63bf3..f5cb09c 100644 (file)
--- a/src/main/java/edu/internet2/middleware/shibboleth/idp/util/HttpServletHelper.java
+++ b/src/main/java/edu/internet2/middleware/shibboleth/idp/util/HttpServletHelper.java
@@ -148,7 +148,7 @@ public class HttpServletHelper {
         if (loginContext == null) {
             return;
         }
-        
+
         bindLoginContext(loginContext, httpRequest);
 
         String parition = getContextParam(context, LOGIN_CTX_PARTITION_CTX_PARAM, DEFAULT_LOGIN_CTX_PARITION);
@@ -164,9 +164,9 @@ public class HttpServletHelper {
         storageService.put(parition, contextKey, entry);
 
         Cookie contextKeyCookie = new Cookie(LOGIN_CTX_KEY_NAME, contextKey);
-        contextKeyCookie.setPath("/");
+        contextKeyCookie.setVersion(1);
+        contextKeyCookie.setPath(httpRequest.getContextPath() == "" ? "/" : httpRequest.getContextPath());
         contextKeyCookie.setSecure(httpRequest.isSecure());
-        contextKeyCookie.setMaxAge(31556926);
         httpResponse.addCookie(contextKeyCookie);
     }
 
@@ -529,6 +529,7 @@ public class HttpServletHelper {
             log.warn("Corrupted LoginContext Key cookie, it did not contain a value");
         }
 
+        httpRequest.setAttribute(LOGIN_CTX_KEY_NAME, null);
         loginContextKeyCookie.setMaxAge(0);
         httpResponse.addCookie(loginContextKeyCookie);