Repository: incubator-ranger Updated Branches: refs/heads/master 6228e4e3a -> 608776712
RANGER-981: Change session cookie name from JSESSIONID to RANGERADMINSESSIONID Signed-off-by: Gautam Borad <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/60877671 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/60877671 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/60877671 Branch: refs/heads/master Commit: 60877671289426847a5f54a0ae3877c4f420c75a Parents: 6228e4e Author: Mehul Parikh <[email protected]> Authored: Tue May 10 14:37:29 2016 +0530 Committer: Gautam Borad <[email protected]> Committed: Fri May 13 18:46:19 2016 +0530 ---------------------------------------------------------------------- .../org/apache/ranger/security/web/filter/RangerKrbFilter.java | 2 +- .../src/main/resources/conf.dist/security-applicationContext.xml | 2 +- security-admin/src/main/webapp/WEB-INF/web.xml | 4 +++- 3 files changed, 5 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/60877671/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKrbFilter.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKrbFilter.java b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKrbFilter.java index 88ab020..120f098 100644 --- a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKrbFilter.java +++ b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKrbFilter.java @@ -502,7 +502,7 @@ public class RangerKrbFilter implements Filter { Collection<String> headerNames = httpResponse.getHeaderNames(); for(String headerName : headerNames){ String value = httpResponse.getHeader(headerName); - if(headerName.equalsIgnoreCase("Set-Cookie") && value.startsWith("JSESSIONID")){ + if(headerName.equalsIgnoreCase("Set-Cookie") && value.startsWith("RANGERADMINSESSIONID")){ chk = false; break; } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/60877671/security-admin/src/main/resources/conf.dist/security-applicationContext.xml ---------------------------------------------------------------------- diff --git a/security-admin/src/main/resources/conf.dist/security-applicationContext.xml b/security-admin/src/main/resources/conf.dist/security-applicationContext.xml index 6becfcd..66ef8af 100644 --- a/security-admin/src/main/resources/conf.dist/security-applicationContext.xml +++ b/security-admin/src/main/resources/conf.dist/security-applicationContext.xml @@ -54,7 +54,7 @@ http://www.springframework.org/schema/security/spring-security-oauth2-1.0.xsd";> <security:custom-filter position="LAST" ref="userContextFormationFilter"/> <security:access-denied-handler error-page="/public/failedLogin.jsp?access_denied=1"/> - <security:logout delete-cookies="JSESSIONID,xa_rmc" logout-url="/logout.html" success-handler-ref="customLogoutSuccessHandler" /> + <security:logout delete-cookies="RANGERADMINSESSIONID,xa_rmc" logout-url="/logout.html" success-handler-ref="customLogoutSuccessHandler" /> <http-basic entry-point-ref="authenticationProcessingFilterEntryPoint"/> </security:http> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/60877671/security-admin/src/main/webapp/WEB-INF/web.xml ---------------------------------------------------------------------- diff --git a/security-admin/src/main/webapp/WEB-INF/web.xml b/security-admin/src/main/webapp/WEB-INF/web.xml index a770e4b..bd29a3e 100644 --- a/security-admin/src/main/webapp/WEB-INF/web.xml +++ b/security-admin/src/main/webapp/WEB-INF/web.xml @@ -80,8 +80,9 @@ <session-timeout>60</session-timeout> <tracking-mode>COOKIE</tracking-mode> <cookie-config> + <name>RANGERADMINSESSIONID</name> <http-only>true</http-only> - </cookie-config> + </cookie-config> </session-config> <error-page> <error-code>500</error-code> @@ -91,4 +92,5 @@ <error-code>404</error-code> <location>/public/error404.jsp</location> </error-page> + </web-app>
