[28/50] [abbrv] ambari git commit: AMBARI-21675.Add Secure Flag to Cookie / JSESSIONID in Zeppelin(Prabhjyot Singh via Venkata Sairam)

Mon, 09 Oct 2017 11:35:00 -0700 

AMBARI-21675.Add Secure Flag to Cookie / JSESSIONID in Zeppelin(Prabhjyot Singh 
via Venkata Sairam)

(cherry picked from commit 2b50a560c34a278b67352b699e698a1cfd050406)

Change-Id: Ie9413cf613616c89301dd955eb8e3255eb9c0b91


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/5a57ad34
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/5a57ad34
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/5a57ad34

Branch: refs/heads/2.5-maint
Commit: 5a57ad34b305c86bcb952ceae8979d6c4713339a
Parents: f146158
Author: Venkata Sairam <[email protected]>
Authored: Mon Aug 21 14:03:58 2017 +0530
Committer: Sumit Mohanty <[email protected]>
Committed: Mon Aug 21 13:49:56 2017 -0700

----------------------------------------------------------------------
 .../ZEPPELIN/0.6.0.2.5/configuration/zeppelin-shiro-ini.xml    | 6 ++++++
 1 file changed, 6 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/5a57ad34/ambari-server/src/main/resources/common-services/ZEPPELIN/0.6.0.2.5/configuration/zeppelin-shiro-ini.xml
----------------------------------------------------------------------
diff --git 
a/ambari-server/src/main/resources/common-services/ZEPPELIN/0.6.0.2.5/configuration/zeppelin-shiro-ini.xml
 
b/ambari-server/src/main/resources/common-services/ZEPPELIN/0.6.0.2.5/configuration/zeppelin-shiro-ini.xml
index 971e4af..742f5be 100644
--- 
a/ambari-server/src/main/resources/common-services/ZEPPELIN/0.6.0.2.5/configuration/zeppelin-shiro-ini.xml
+++ 
b/ambari-server/src/main/resources/common-services/ZEPPELIN/0.6.0.2.5/configuration/zeppelin-shiro-ini.xml
@@ -61,6 +61,12 @@ sessionManager = 
org.apache.shiro.web.session.mgt.DefaultWebSessionManager
 cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
 securityManager.cacheManager = $cacheManager
 
+cookie = org.apache.shiro.web.servlet.SimpleCookie
+cookie.name = JSESSIONID
+cookie.secure = true
+cookie.httpOnly = true
+sessionManager.sessionIdCookie = $cookie
+
 securityManager.sessionManager = $sessionManager
 # 86,400,000 milliseconds = 24 hour
 securityManager.sessionManager.globalSessionTimeout = 86400000

Reply via email to