List of usage examples for javax.servlet.http Cookie setHttpOnly
public void setHttpOnly(boolean isHttpOnly)
From source file:ke.alphacba.cms.core.util.NoSessionIdUtils.java
private static void writeCookie(HttpServletResponse response, String loginCookieName, String domain, int cookieTime, String jsessionId, boolean httpOnly) { String cookieValue = new String(Base64.encodeBase64(new StringBuilder().append(loginCookieName) .append(new Date().getTime()).append(jsessionId).toString().getBytes())); Cookie cookie1 = new Cookie(loginCookieName, cookieValue); cookie1.setHttpOnly(true); cookie1.setMaxAge(cookieTime);/*w w w.j a v a 2 s . co m*/ cookie1.setPath("/"); cookie1.setDomain(domain); response.addCookie(cookie1); }
From source file:net.bluehornreader.web.WebUtils.java
private static void saveCookie(HttpServletResponse httpServletResponse, boolean secured, String name, String value, int expires) { Cookie cookie = new Cookie(name, value); cookie.setHttpOnly(true); cookie.setMaxAge(expires);// ww w .j a va 2 s.c o m cookie.setPath("/"); if (secured) { cookie.setSecure(true); } LOG.info(cookieAsString(cookie)); httpServletResponse.addCookie(cookie); }
From source file:com.erudika.scoold.utils.HttpUtils.java
/** * Sets a cookie.//from w w w . jav a 2 s . c o m * @param name the name * @param value the value * @param req HTTP request * @param res HTTP response * @param httpOnly HTTP only flag * @param maxAge max age */ public static void setRawCookie(String name, String value, HttpServletRequest req, HttpServletResponse res, boolean httpOnly, int maxAge) { if (StringUtils.isBlank(name) || value == null || req == null || res == null) { return; } Cookie cookie = new Cookie(name, value); cookie.setHttpOnly(httpOnly); cookie.setMaxAge(maxAge < 0 ? Config.SESSION_TIMEOUT_SEC : maxAge); cookie.setPath("/"); cookie.setSecure(req.isSecure()); res.addCookie(cookie); }
From source file:com.hp.octane.integrations.testhelpers.OctaneSecuritySimulationUtils.java
static private Cookie createSecurityCookie(String client, String secret) { Cookie result = new Cookie(SECURITY_COOKIE_NAME, String.join(SECURITY_TOKEN_SEPARATOR, Stream .of(client, secret, String.valueOf(System.currentTimeMillis())).collect(Collectors.toList()))); result.setHttpOnly(true); result.setDomain(".localhost"); return result; }
From source file:io.lavagna.web.helper.UserSession.java
private static void addRememberMeCookie(int userId, HttpServletRequest req, HttpServletResponse resp, UserRepository userRepository) { String token = userRepository.createRememberMeToken(userId); ////from ww w. j ava 2 s. c om Cookie c = new Cookie("LAVAGNA_REMEMBER_ME", userId + "," + token); c.setPath(req.getContextPath() + "/"); c.setHttpOnly(true); c.setMaxAge(60 * 60 * 24 * 365); // 1 year if (req.getServletContext().getSessionCookieConfig().isSecure()) { c.setSecure(true); } resp.addCookie(c); }
From source file:com.netsteadfast.greenstep.base.sys.UserCurrentCookie.java
public static void setCurrentId(HttpServletResponse response, String currentId, String sessionId, String account, String language) { try {/*from w w w. j av a 2s. co m*/ String value = currentId + Constants.ID_DELIMITER + sessionId + Constants.ID_DELIMITER + account + Constants.ID_DELIMITER + language; String encValue = EncryptorUtils.encrypt(Constants.getEncryptorKey1(), Constants.getEncryptorKey2(), value); encValue = SimpleUtils.toHex(encValue); Cookie cookie = new Cookie(Constants.APP_SITE_CURRENTID_COOKIE_NAME, encValue); cookie.setPath("/"); cookie.setValue(encValue); cookie.setMaxAge(60 * 60 * 24); // 1-day cookie.setHttpOnly(true); response.addCookie(cookie); } catch (Exception e) { e.printStackTrace(); } }
From source file:io.syndesis.rest.v1.handler.credential.CredentialHandler.java
static void removeCredentialCookies(final HttpServletRequest request, final HttpServletResponse response) { Arrays.stream(request.getCookies()) .filter(c -> c.getName().startsWith(CredentialFlowState.CREDENTIAL_PREFIX)).forEach(c -> { final Cookie removal = new Cookie(c.getName(), ""); removal.setPath("/"); removal.setMaxAge(0);/* w ww . jav a 2 s . com*/ removal.setHttpOnly(true); removal.setSecure(true); response.addCookie(removal); }); }
From source file:org.b3log.symphony.util.Sessions.java
/** * Logins the specified user from the specified request. * * <p>/*from www. j a v a 2 s. c om*/ * If no session of the specified request, do nothing. * </p> * * @param request the specified request * @param response the specified response * @param user the specified user, for example, <pre> * { * "oId": "", * "userPassword": "" * } * </pre> */ public static void login(final HttpServletRequest request, final HttpServletResponse response, final JSONObject user) { final HttpSession session = request.getSession(false); if (null == session) { LOGGER.warn("The session is null"); return; } session.setAttribute(User.USER, user); session.setAttribute(Common.CSRF_TOKEN, RandomStringUtils.randomAlphanumeric(12)); try { final JSONObject cookieJSONObject = new JSONObject(); cookieJSONObject.put(Keys.OBJECT_ID, user.optString(Keys.OBJECT_ID)); cookieJSONObject.put(Common.TOKEN, user.optString(User.USER_PASSWORD)); final Cookie cookie = new Cookie("b3log-latke", cookieJSONObject.toString()); cookie.setPath("/"); cookie.setMaxAge(COOKIE_EXPIRY); cookie.setHttpOnly(true); // HTTP Only response.addCookie(cookie); } catch (final Exception e) { LOGGER.log(Level.WARN, "Can not write cookie", e); } }
From source file:com.vmware.identity.samlservice.Shared.java
/** * Adding a browser session cookie to browser. * @param cookieName//from www . j av a 2 s . co m * @param cookieValue * @param response */ public static void addSessionCookie(String cookieName, String cookieValue, HttpServletResponse response) { Validate.notNull(response); if (cookieName == null || cookieName.isEmpty() || cookieValue == null || cookieValue.isEmpty()) { log.warn("Cookie name/value is null or empty. Ignoring."); return; } log.debug("Setting cookie " + cookieName + " value " + cookieValue); Cookie sessionCookie = new Cookie(cookieName, cookieValue); sessionCookie.setPath("/"); sessionCookie.setSecure(true); sessionCookie.setHttpOnly(true); response.addCookie(sessionCookie); }
From source file:org.jahia.params.valves.CookieAuthValveImpl.java
public static void createAndSendCookie(AuthValveContext authContext, JCRUserNode theUser, CookieAuthConfig cookieAuthConfig) { // now let's look for a free random cookie value key. String cookieUserKey = CookieAuthValveImpl.getAvailableCookieKey(cookieAuthConfig); // let's save the identifier for the user in the database try {//from w ww .j a v a 2 s. co m theUser.setProperty(cookieAuthConfig.getUserPropertyName(), cookieUserKey); theUser.getSession().save(); } catch (RepositoryException e) { logger.error(e.getMessage(), e); } // now let's save the same identifier in the cookie. String realm = theUser.getRealm(); Cookie authCookie = new Cookie(cookieAuthConfig.getCookieName(), cookieUserKey + (realm != null ? (":" + realm) : "")); authCookie.setPath(StringUtils.isNotEmpty(authContext.getRequest().getContextPath()) ? authContext.getRequest().getContextPath() : "/"); authCookie.setMaxAge(cookieAuthConfig.getMaxAgeInSeconds()); authCookie.setHttpOnly(cookieAuthConfig.isHttpOnly()); authCookie.setSecure(cookieAuthConfig.isSecure()); authContext.getResponse().addCookie(authCookie); }