ASF Bugzilla – Attachment 19397 Details for
Bug 41217
SingleSignOn Cookie does not honor https access: Login Information Disclosure
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch to set secure flag on SSO cookie when requested over https
AuthenticatorBase.diff (text/plain), 734 bytes, created by
Chris Halstead
on 2007-01-11 17:15:31 UTC
(
hide
)
Description:
Patch to set secure flag on SSO cookie when requested over https
Filename:
MIME Type:
Creator:
Chris Halstead
Created:
2007-01-11 17:15:31 UTC
Size:
734 bytes
patch
obsolete
>Index: container/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java >=================================================================== >--- container/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java (revision 495443) >+++ container/catalina/src/share/org/apache/catalina/authenticator/AuthenticatorBase.java (working copy) >@@ -745,6 +745,9 @@ > Cookie cookie = new Cookie(Constants.SINGLE_SIGN_ON_COOKIE, ssoId); > cookie.setMaxAge(-1); > cookie.setPath("/"); >+ >+ // BZ 41217 >+ cookie.setSecure(request.isSecure()); > > // Bugzilla 34724 > String ssoDomain = sso.getCookieDomain();
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 41217
: 19397