Store Cookie in AccessController [message #1827857] |
Mon, 25 May 2020 17:49 |
Maak K Messages: 2 Registered: May 2020 |
Junior Member |
|
|
I have a custom AccessController which only triggers when a certain url is called. The url contains an access token which I can verify over a REST call.
I would now like to store a cookie, which automatically logs the user in, after re-opening the browser.
The basics seem to work - I can store and read my created principal on the session. However, as soon as a new session gets created, the cookie does not seem to be present anymore. The max age of the cookie is set to 36000 and in the console I can see that the cookie should get stored.
Store signed cookie 'sso.user.id' for 'User' - MDC[]
How can I persist my cookie properly?
CustomAccessController.java
@Override
public boolean handle(final HttpServletRequest req, final HttpServletResponse resp, final FilterChain chain) throws IOException, ServletException {
if (!"/customauth".equals(req.getPathInfo())) {
return false;
}
//Read query params and validate params over REST
boolean tokenIsValid = ...;
if (tokenIsValid) {
// force a new HTTP session to be created.
final HttpSession session = req.getSession(false);
if (session != null) {
session.invalidate();
}
// Put authenticated principal onto (new) HTTP session
storePrincipalToCookie(req, resp, principal); //default implementation from CookieAccessController
BEANS.get(ServletFilterHelper.class).putPrincipalOnSession(req, principal);
//Redirect to main application
BEANS.get(ServletFilterHelper.class).forwardTo(req, resp, "/");
BEANS.get(ServletFilterHelper.class).continueChainAsSubject(principal, req, resp, chain);
return true;
} else {
//User will fall into AnonymousAccessController
BEANS.get(ServletFilterHelper.class).forwardTo(req, resp, "/");
return false;
}
} ]
My AccessController gets executed before the default CookeAccessController.
UiServletFilter.java.java
if (m_customAccessController.handle(req, resp, chain)) {
return;
}
if (m_cookieAccessController.handle(req, resp, chain)) {
return;
}
Thanks for your help!
[Updated on: Mon, 25 May 2020 20:37] Report message to a moderator
|
|
|
|
|
Powered by
FUDForum. Page generated in 0.04090 seconds