rohityadavcloud commented on code in PR #6149:
URL: https://github.com/apache/cloudstack/pull/6149#discussion_r852062056
##########
plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/saml/SAMLUtils.java:
##########
@@ -280,7 +280,7 @@ public static void setupSamlUserCookies(final
LoginCmdResponse loginResponse, fi
resp.addCookie(new Cookie("timezone", URLEncoder.encode(timezone,
HttpUtils.UTF_8)));
}
resp.addCookie(new Cookie("userfullname",
URLEncoder.encode(loginResponse.getFirstName() + " " +
loginResponse.getLastName(), HttpUtils.UTF_8).replace("+", "%20")));
- resp.addHeader("SET-COOKIE", String.format("%s=%s;HttpOnly",
ApiConstants.SESSIONKEY, loginResponse.getSessionKey()));
+ resp.addHeader("SET-COOKIE",
String.format("%s=%s;HttpOnly;Path=/client/api", ApiConstants.SESSIONKEY,
loginResponse.getSessionKey()));
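Review bot: The added SET-COOKIE format string sets HttpOnly and Path=/client/api but no Secure attribute, so nothing in this header keeps the session key cookie from being sent over plain HTTP; consider appending `;Secure` when the deployment serves the API over HTTPS. The path `/client/api` is also a hard-coded literal in the format string, so if the API servlet path is available as a constant or from the request context, referencing it here would keep the cookie scope from drifting away from where the API is actually served.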
Review Comment:
Never mind my comment. Based on
https://github.com/apache/cloudstack/blob/main/server/src/main/java/com/cloud/api/ApiServlet.java#L224
your changes LGTM (the Path /client/api is more restrictive than /client but
should work and ensure all APIs function. The only issue is when the path isn't
/client/api, which is not a case I can think of, as all API calls are handled
at /client/api).