Repository: incubator-unomi Updated Branches: refs/heads/master 2c5d5be4e -> 8f6f2472d
UNOMI-112 Inconsistent domains set on Apache Unomi context-profile-id cookies - Make sure we use the same configuration througout all the code that sets cookies. Signed-off-by: Serge Huber <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/incubator-unomi/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-unomi/commit/8f6f2472 Tree: http://git-wip-us.apache.org/repos/asf/incubator-unomi/tree/8f6f2472 Diff: http://git-wip-us.apache.org/repos/asf/incubator-unomi/diff/8f6f2472 Branch: refs/heads/master Commit: 8f6f2472d8514462ab47489b8a04146abb4beea1 Parents: 2c5d5be Author: Serge Huber <[email protected]> Authored: Wed Jul 5 09:19:21 2017 +0200 Committer: Serge Huber <[email protected]> Committed: Wed Jul 5 09:19:31 2017 +0200 ---------------------------------------------------------------------- .../actions/MergeProfilesOnPropertyAction.java | 39 ++++++++++++-------- .../resources/OSGI-INF/blueprint/blueprint.xml | 2 + .../org/apache/unomi/web/ContextServlet.java | 29 +++++++++++---- .../java/org/apache/unomi/web/HttpUtils.java | 8 +--- .../resources/OSGI-INF/blueprint/blueprint.xml | 7 ++++ wab/src/main/resources/org.apache.unomi.web.cfg | 8 +++- 6 files changed, 62 insertions(+), 31 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-unomi/blob/8f6f2472/plugins/baseplugin/src/main/java/org/apache/unomi/plugins/baseplugin/actions/MergeProfilesOnPropertyAction.java ---------------------------------------------------------------------- diff --git a/plugins/baseplugin/src/main/java/org/apache/unomi/plugins/baseplugin/actions/MergeProfilesOnPropertyAction.java b/plugins/baseplugin/src/main/java/org/apache/unomi/plugins/baseplugin/actions/MergeProfilesOnPropertyAction.java index 12def48..b908586 100644 --- a/plugins/baseplugin/src/main/java/org/apache/unomi/plugins/baseplugin/actions/MergeProfilesOnPropertyAction.java 
+++ b/plugins/baseplugin/src/main/java/org/apache/unomi/plugins/baseplugin/actions/MergeProfilesOnPropertyAction.java @@ -26,10 +26,7 @@ import org.apache.unomi.api.actions.Action; import org.apache.unomi.api.actions.ActionExecutor; import org.apache.unomi.api.actions.ActionPostExecutor; import org.apache.unomi.api.conditions.Condition; -import org.apache.unomi.api.services.DefinitionsService; -import org.apache.unomi.api.services.EventService; -import org.apache.unomi.api.services.PrivacyService; -import org.apache.unomi.api.services.ProfileService; +import org.apache.unomi.api.services.*; import org.apache.unomi.persistence.spi.PersistenceService; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -45,9 +42,9 @@ public class MergeProfilesOnPropertyAction implements ActionExecutor { private static final Logger logger = LoggerFactory.getLogger(MergeProfilesOnPropertyAction.class.getName()); - private final int MAX_COOKIE_AGE_IN_SECONDS = 60 * 60 * 24 * 365 * 10; // 10-years - private int cookieAgeInSeconds = MAX_COOKIE_AGE_IN_SECONDS; private String profileIdCookieName = "context-profile-id"; + private String profileIdCookieDomain; + private int profileIdCookieMaxAgeInSeconds; private ProfileService profileService; @@ -59,9 +56,7 @@ public class MergeProfilesOnPropertyAction implements ActionExecutor { private PrivacyService privacyService; - public void setCookieAgeInSeconds(int cookieAgeInSeconds) { - this.cookieAgeInSeconds = cookieAgeInSeconds; - } + private ConfigSharingService configSharingService; public void setProfileIdCookieName(String profileIdCookieName) { this.profileIdCookieName = profileIdCookieName; 
@@ -99,7 +94,14 @@ public class MergeProfilesOnPropertyAction implements ActionExecutor { this.definitionsService = definitionsService; } + public void setConfigSharingService(ConfigSharingService configSharingService) { + this.configSharingService = configSharingService; + } + public int execute(Action action, Event event) { + profileIdCookieName = (String) configSharingService.getProperty("profileIdCookieName"); + profileIdCookieDomain = (String) configSharingService.getProperty("profileIdCookieDomain"); + profileIdCookieMaxAgeInSeconds = (Integer) configSharingService.getProperty("profileIdCookieMaxAgeInSeconds"); Profile profile = event.getProfile(); if (profile instanceof Persona || profile.isAnonymousProfile()) { @@ -153,7 +155,7 @@ public class MergeProfilesOnPropertyAction implements ActionExecutor { logger.info("Different users, switch to " + profile.getItemId()); HttpServletResponse httpServletResponse = (HttpServletResponse) event.getAttributes().get(Event.HTTP_RESPONSE_ATTRIBUTE); - sendProfileCookie(profile, httpServletResponse); + sendProfileCookie(profile, httpServletResponse, profileIdCookieName, profileIdCookieDomain, profileIdCookieMaxAgeInSeconds); // At the end of the merge, we must set the merged profile as profile event to process other Actions event.setProfileId(profile.getItemId()); @@ -187,7 +189,7 @@ public class MergeProfilesOnPropertyAction implements ActionExecutor { // Profile has changed if (!masterProfile.getItemId().equals(profileId)) { HttpServletResponse httpServletResponse = (HttpServletResponse) event.getAttributes().get(Event.HTTP_RESPONSE_ATTRIBUTE); - sendProfileCookie(currentSession.getProfile(), httpServletResponse); + sendProfileCookie(currentSession.getProfile(), httpServletResponse, profileIdCookieName, profileIdCookieDomain, profileIdCookieMaxAgeInSeconds); final String masterProfileId = masterProfile.getItemId(); // At the end of the merge, we must set the merged profile as profile event to process other Actions 
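Review bot: The three `configSharingService.getProperty(...)` reads added at the top of `execute` are cast and used without a null check. The values are published from `ContextServlet.init` in another bundle, so if they are not there yet the `(Integer)` cast would unbox null into a NullPointerException and a null name would reach `new Cookie(...)`; how `getProperty` behaves for a missing key is not visible here, so this is inferred. Consider reading into locals and guarding, e.g. `Integer maxAge = (Integer) configSharingService.getProperty("profileIdCookieMaxAgeInSeconds");` followed by `if (maxAge == null) { /* log and fall back or return */ }`. Assigning the results to instance fields on every call also makes the retained `setProfileIdCookieName` setter ineffective and, if the executor is shared across request threads, writes shared state on each event. The body of `execute` continues outside the hunk.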
@@ -244,13 +246,18 @@ public class MergeProfilesOnPropertyAction implements ActionExecutor { } } - public void sendProfileCookie(Profile profile, ServletResponse response) { + private static void sendProfileCookie(Profile profile, ServletResponse response, String profileIdCookieName, String profileIdCookieDomain, int cookieAgeInSeconds) { if (response instanceof HttpServletResponse) { HttpServletResponse httpServletResponse = (HttpServletResponse) response; - Cookie profileIdCookie = new Cookie(profileIdCookieName, profile.getItemId()); - profileIdCookie.setPath("/"); - profileIdCookie.setMaxAge(cookieAgeInSeconds); - httpServletResponse.addCookie(profileIdCookie); + if (!(profile instanceof Persona)) { + Cookie profileIdCookie = new Cookie(profileIdCookieName, profile.getItemId()); + profileIdCookie.setPath("/"); + if (profileIdCookieDomain != null && !profileIdCookieDomain.equals("")) { + profileIdCookie.setDomain(profileIdCookieDomain); + } + profileIdCookie.setMaxAge(cookieAgeInSeconds); + httpServletResponse.addCookie(profileIdCookie); + } } } http://git-wip-us.apache.org/repos/asf/incubator-unomi/blob/8f6f2472/plugins/baseplugin/src/main/resources/OSGI-INF/blueprint/blueprint.xml ---------------------------------------------------------------------- diff --git a/plugins/baseplugin/src/main/resources/OSGI-INF/blueprint/blueprint.xml b/plugins/baseplugin/src/main/resources/OSGI-INF/blueprint/blueprint.xml index d6c1b10..e355308 100644 --- a/plugins/baseplugin/src/main/resources/OSGI-INF/blueprint/blueprint.xml +++ b/plugins/baseplugin/src/main/resources/OSGI-INF/blueprint/blueprint.xml 
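Review bot: The cookie built in `sendProfileCookie` carries the profile id with a configurable domain and a long max age, but neither `HttpOnly` nor `Secure` is set, so the identifier is exposed to page scripts and can travel over plain HTTP; `HttpUtils.sendProfileCookie` in this commit has the same gap. If no client-side script needs to read the value, add `profileIdCookie.setHttpOnly(true);` (Servlet 3.0+), and drive `profileIdCookie.setSecure(true);` from configuration or the request scheme, since this helper only sees the response. A broad `profileIdCookieDomain` also widens the set of hosts that receive the cookie, which is worth saying in the comment for `contextserver.domain`. This method is now a copy of the `HttpUtils` one, so sharing a single implementation would keep the cookie attributes from drifting apart again.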
@@ -25,6 +25,7 @@ <reference id="privacyService" interface="org.apache.unomi.api.services.PrivacyService"/> <reference id="segmentService" interface="org.apache.unomi.api.services.SegmentService"/> <reference id="eventService" interface="org.apache.unomi.api.services.EventService"/> + <reference id="configSharingService" interface="org.apache.unomi.api.services.ConfigSharingService" /> <service interface="org.apache.unomi.persistence.elasticsearch.conditions.ConditionESQueryBuilder"> @@ -217,6 +218,7 @@ <property name="persistenceService" ref="persistenceService"/> <property name="definitionsService" ref="definitionsService"/> <property name="privacyService" ref="privacyService"/> + <property name="configSharingService" ref="configSharingService" /> </bean> </service> http://git-wip-us.apache.org/repos/asf/incubator-unomi/blob/8f6f2472/wab/src/main/java/org/apache/unomi/web/ContextServlet.java ---------------------------------------------------------------------- diff --git a/wab/src/main/java/org/apache/unomi/web/ContextServlet.java b/wab/src/main/java/org/apache/unomi/web/ContextServlet.java index ba8071e..245dc94 100644 --- a/wab/src/main/java/org/apache/unomi/web/ContextServlet.java +++ b/wab/src/main/java/org/apache/unomi/web/ContextServlet.java @@ -22,10 +22,7 @@ import com.fasterxml.jackson.databind.ObjectMapper; import org.apache.commons.io.IOUtils; import org.apache.unomi.api.*; import org.apache.unomi.api.conditions.Condition; -import org.apache.unomi.api.services.EventService; -import org.apache.unomi.api.services.PrivacyService; -import org.apache.unomi.api.services.ProfileService; -import org.apache.unomi.api.services.RulesService; +import org.apache.unomi.api.services.*; import org.apache.unomi.persistence.spi.CustomObjectMapper; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
@@ -56,13 +53,19 @@ public class ContextServlet extends HttpServlet { private EventService eventService; private RulesService rulesService; private PrivacyService privacyService; + private ConfigSharingService configSharingService; private String profileIdCookieName = "context-profile-id"; private String profileIdCookieDomain; + private static final int MAX_COOKIE_AGE_IN_SECONDS = 60 * 60 * 24 * 365; // 1 year + private int profileIdCookieMaxAgeInSeconds = MAX_COOKIE_AGE_IN_SECONDS; @Override public void init(ServletConfig config) throws ServletException { super.init(config); + configSharingService.setProperty("profileIdCookieName", profileIdCookieName); + configSharingService.setProperty("profileIdCookieDomain", profileIdCookieDomain); + configSharingService.setProperty("profileIdCookieMaxAgeInSeconds", (Integer) profileIdCookieMaxAgeInSeconds); logger.info("ContextServlet initialized."); } @@ -169,7 +172,7 @@ public class ContextServlet extends HttpServlet { if (!profile.isAnonymousProfile() && !anonymousProfile && !profile.getItemId().equals(sessionProfile.getItemId())) { // Session user has been switched, profile id in cookie is not uptodate profile = sessionProfile; - HttpUtils.sendProfileCookie(profile, response, profileIdCookieName, profileIdCookieDomain); + HttpUtils.sendProfileCookie(profile, response, profileIdCookieName, profileIdCookieDomain, profileIdCookieMaxAgeInSeconds); } Boolean requireAnonymousBrowsing = privacyService.isRequireAnonymousBrowsing(profile.getItemId()); 
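Review bot: The property keys `"profileIdCookieName"`, `"profileIdCookieDomain"` and `"profileIdCookieMaxAgeInSeconds"` written in `init` are repeated as string literals in `MergeProfilesOnPropertyAction.execute`, so a typo on either side would yield a missing value at runtime rather than a compile error; shared constants next to `ConfigSharingService` would tie the two together. The values are published only once, in `init`, so a later call to one of the setters would leave the shared copy stale unless the servlet is re-initialised; whether the `reload` update strategy guarantees that is not visible here. Smaller points: `MAX_COOKIE_AGE_IN_SECONDS` is used as a default rather than a cap, so `DEFAULT_COOKIE_AGE_IN_SECONDS` would read better, and the `(Integer)` cast on an `int` argument is redundant.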
@@ -280,7 +283,7 @@ public class ContextServlet extends HttpServlet { session.setProfile(profile); profileService.saveSession(session); } - HttpUtils.sendProfileCookie(profile, response, profileIdCookieName, profileIdCookieDomain); + HttpUtils.sendProfileCookie(profile, response, profileIdCookieName, profileIdCookieDomain, profileIdCookieMaxAgeInSeconds); } else { logger.warn("Couldn't find merged profile" + profileId + ", falling back to profile " + profileToDelete.getItemId()); profile = profileToDelete; @@ -410,7 +413,7 @@ public class ContextServlet extends HttpServlet { } profile = new Profile(profileId); profile.setProperty("firstVisit", timestamp); - HttpUtils.sendProfileCookie(profile, response, profileIdCookieName, profileIdCookieDomain); + HttpUtils.sendProfileCookie(profile, response, profileIdCookieName, profileIdCookieDomain, profileIdCookieMaxAgeInSeconds); return profile; } @@ -435,7 +438,19 @@ public class ContextServlet extends HttpServlet { this.profileIdCookieDomain = profileIdCookieDomain; } + public void setProfileIdCookieName(String profileIdCookieName) { + this.profileIdCookieName = profileIdCookieName; + } + + public void setProfileIdCookieMaxAgeInSeconds(int profileIdCookieMaxAgeInSeconds) { + this.profileIdCookieMaxAgeInSeconds = profileIdCookieMaxAgeInSeconds; + } + public void setPrivacyService(PrivacyService privacyService) { this.privacyService = privacyService; } + + public void setConfigSharingService(ConfigSharingService configSharingService) { + this.configSharingService = configSharingService; + } } http://git-wip-us.apache.org/repos/asf/incubator-unomi/blob/8f6f2472/wab/src/main/java/org/apache/unomi/web/HttpUtils.java ---------------------------------------------------------------------- diff --git a/wab/src/main/java/org/apache/unomi/web/HttpUtils.java b/wab/src/main/java/org/apache/unomi/web/HttpUtils.java index 8afb091..8965aad 100644 --- a/wab/src/main/java/org/apache/unomi/web/HttpUtils.java 
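Review bot: The new `setProfileIdCookieMaxAgeInSeconds` and `setProfileIdCookieName` setters (last hunk here, at the end of `ContextServlet`) accept any configured value without validation. `Cookie.setMaxAge` treats 0 as "delete the cookie" and a negative value as a non-persistent cookie, and an invalid cookie name only fails when `new Cookie(...)` runs on a request, so a bad entry in `org.apache.unomi.web.cfg` would surface late and break profile tracking. Consider rejecting such values at configuration time, e.g. `if (profileIdCookieMaxAgeInSeconds <= 0) throw new IllegalArgumentException("profileIdCookieMaxAgeInSeconds must be positive");`, or document in the cfg comment that non-positive values are intentional.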
+++ b/wab/src/main/java/org/apache/unomi/web/HttpUtils.java @@ -32,10 +32,6 @@ import java.util.Map; public class HttpUtils { - private static final int MAX_COOKIE_AGE_IN_SECONDS = 60 * 60 * 24 * 365 * 10; // 10-years - - private static int cookieAgeInSeconds = MAX_COOKIE_AGE_IN_SECONDS; - public static void setupCORSHeaders(HttpServletRequest httpServletRequest, ServletResponse response) throws IOException { if (response instanceof HttpServletResponse) { HttpServletResponse httpServletResponse = (HttpServletResponse) response; @@ -107,7 +103,7 @@ public class HttpUtils { return baseRequestURL; } - public static void sendProfileCookie(Profile profile, ServletResponse response, String profileIdCookieName, String profileIdCookieDomain) { + public static void sendProfileCookie(Profile profile, ServletResponse response, String profileIdCookieName, String profileIdCookieDomain, int profileIdCookieMaxAgeInSeconds) { if (response instanceof HttpServletResponse) { HttpServletResponse httpServletResponse = (HttpServletResponse) response; if (!(profile instanceof Persona)) { @@ -116,7 +112,7 @@ public class HttpUtils { if (profileIdCookieDomain != null && !profileIdCookieDomain.equals("")) { profileIdCookie.setDomain(profileIdCookieDomain); } - profileIdCookie.setMaxAge(cookieAgeInSeconds); + profileIdCookie.setMaxAge(profileIdCookieMaxAgeInSeconds); httpServletResponse.addCookie(profileIdCookie); } } http://git-wip-us.apache.org/repos/asf/incubator-unomi/blob/8f6f2472/wab/src/main/resources/OSGI-INF/blueprint/blueprint.xml ---------------------------------------------------------------------- diff --git a/wab/src/main/resources/OSGI-INF/blueprint/blueprint.xml b/wab/src/main/resources/OSGI-INF/blueprint/blueprint.xml index 6103121..b38a97a 100644 --- a/wab/src/main/resources/OSGI-INF/blueprint/blueprint.xml +++ b/wab/src/main/resources/OSGI-INF/blueprint/blueprint.xml 
@@ -26,20 +26,27 @@ <reference id="eventService" interface="org.apache.unomi.api.services.EventService"/> <reference id="rulesService" interface="org.apache.unomi.api.services.RulesService"/> <reference id="privacyService" interface="org.apache.unomi.api.services.PrivacyService"/> + <reference id="configSharingService" interface="org.apache.unomi.api.services.ConfigSharingService" /> <cm:property-placeholder persistent-id="org.apache.unomi.web" update-strategy="reload" placeholder-prefix="${web."> <cm:default-properties> <cm:property name="contextserver.domain" value=""/> + <cm:property name="contextserver.profileIdCookieName" value="context-profile-id"/> + <cm:property name="contextserver.profileIdCookieMaxAgeInSeconds" value="31536000"/> <!-- 1 year by default --> </cm:default-properties> </cm:property-placeholder> + <bean id="contextServlet" class="org.apache.unomi.web.ContextServlet"> <property name="profileService" ref="profileService"/> <property name="eventService" ref="eventService"/> <property name="rulesService" ref="rulesService"/> <property name="privacyService" ref="privacyService" /> + <property name="configSharingService" ref="configSharingService"/> <property name="profileIdCookieDomain" value="${web.contextserver.domain}" /> + <property name="profileIdCookieName" value="${web.contextserver.profileIdCookieName}"/> + <property name="profileIdCookieMaxAgeInSeconds" value="${web.contextserver.profileIdCookieMaxAgeInSeconds}"/> </bean> <service id="contextServletService" auto-export="interfaces" ref="contextServlet"> http://git-wip-us.apache.org/repos/asf/incubator-unomi/blob/8f6f2472/wab/src/main/resources/org.apache.unomi.web.cfg ---------------------------------------------------------------------- diff --git a/wab/src/main/resources/org.apache.unomi.web.cfg b/wab/src/main/resources/org.apache.unomi.web.cfg index 6556597..5918f84 100644 --- a/wab/src/main/resources/org.apache.unomi.web.cfg +++ b/wab/src/main/resources/org.apache.unomi.web.cfg 
@@ -15,6 +15,10 @@ # limitations under the License. # -# configure here the domain to use the for cookies setup by the Apache Unomi context servlet +# Configure here the domain to use the for cookies setup by the Apache Unomi context servlet # by default the current request will be used to set the domain. -# contextserver.domain= \ No newline at end of file +# contextserver.domain= +# This setting controls the name of the cookie use to track profiles using Apache Unomi +#contextserver.profileIdCookieName=context-profile-id +# This setting controls the maximum age of the profile cookie. By default it is set to a year. +#contextserver.profileIdCookieMaxAgeInSeconds=31536000 \ No newline at end of file
