[16/35] ambari git commit: AMBARI-21675.Add Secure Flag to Cookie / JSESSIONID in Zeppelin(Prabhjyot Singh via Venkata Sairam)

Tue, 22 Aug 2017 11:02:52 -0700 

AMBARI-21675.Add Secure Flag to Cookie / JSESSIONID in Zeppelin(Prabhjyot Singh 
via Venkata Sairam)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/6fb37195
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/6fb37195
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/6fb37195

Branch: refs/heads/branch-feature-logsearch-ui
Commit: 6fb371957ad5612e3a6b2c639dec559aacf5a15d
Parents: 705a62b
Author: Venkata Sairam <venkatasairam.la...@gmail.com>
Authored: Mon Aug 21 14:03:58 2017 +0530
Committer: Venkata Sairam <venkatasairam.la...@gmail.com>
Committed: Mon Aug 21 14:03:58 2017 +0530

----------------------------------------------------------------------
 .../ZEPPELIN/0.6.0.2.5/configuration/zeppelin-shiro-ini.xml    | 6 ++++++
 1 file changed, 6 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/6fb37195/ambari-server/src/main/resources/common-services/ZEPPELIN/0.6.0.2.5/configuration/zeppelin-shiro-ini.xml
----------------------------------------------------------------------
diff --git 
a/ambari-server/src/main/resources/common-services/ZEPPELIN/0.6.0.2.5/configuration/zeppelin-shiro-ini.xml
 
b/ambari-server/src/main/resources/common-services/ZEPPELIN/0.6.0.2.5/configuration/zeppelin-shiro-ini.xml
index 971e4af..742f5be 100644
--- 
a/ambari-server/src/main/resources/common-services/ZEPPELIN/0.6.0.2.5/configuration/zeppelin-shiro-ini.xml
+++ 
b/ambari-server/src/main/resources/common-services/ZEPPELIN/0.6.0.2.5/configuration/zeppelin-shiro-ini.xml
@@ -61,6 +61,12 @@ sessionManager = 
org.apache.shiro.web.session.mgt.DefaultWebSessionManager
 cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
 securityManager.cacheManager = $cacheManager
 
+cookie = org.apache.shiro.web.servlet.SimpleCookie
+cookie.name = JSESSIONID
+cookie.secure = true
+cookie.httpOnly = true
+sessionManager.sessionIdCookie = $cookie
+
 securityManager.sessionManager = $sessionManager
 # 86,400,000 milliseconds = 24 hour
 securityManager.sessionManager.globalSessionTimeout = 86400000

Reply via email to