X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ecomp-portal-BE-os%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fportalapp%2Futil%2FSessionCookieUtil.java;h=05765021be029f0a461e596d8c5ef81339622704;hb=2bd47b537ff4fa78ae8f38758900022df6344cdb;hp=edb5ebb6e7282260863e428c4e9d8f93329ec6cb;hpb=21a8761f684745bb300e075c7e98ad897ace9eed;p=portal.git
diff --git a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/util/SessionCookieUtil.java b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/util/SessionCookieUtil.java
index edb5ebb6..05765021 100644
--- a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/util/SessionCookieUtil.java
+++ b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/util/SessionCookieUtil.java
@@ -33,30 +33,23 @@ * * ============LICENSE_END============================================ * - * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * */ package org.onap.portalapp.util; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; import org.onap.portalapp.portal.utils.EPCommonSystemProperties; -import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; -import org.onap.portalsdk.core.onboarding.listener.PortalTimeoutHandler; import org.onap.portalsdk.core.onboarding.util.CipherUtil; -import org.onap.portalsdk.core.onboarding.util.PortalApiConstants; -import org.onap.portalsdk.core.util.SystemProperties; -import org.onap.portalsdk.core.web.support.AppUtils; +import org.onap.portalsdk.core.onboarding.util.KeyConstants; +import org.onap.portalsdk.core.onboarding.util.KeyProperties; -public class SessionCookieUtil { +public class SessionCookieUtil extends CommonSessionCookieUtil{ //private static final String JSESSIONID = "JSESSIONID"; - private static final String EP_SERVICE = "EPService"; private static final String USER_ID = "UserId"; - private static Integer cookieMaxAge = -1; - private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SessionCookieUtil.class); public static void preSetUp(HttpServletRequest request, HttpServletResponse response) { @@ -69,6 +62,7 @@ public class SessionCookieUtil { HttpServletResponse response) { String jSessionId = getJessionId(request); Cookie cookie1 = new Cookie(EP_SERVICE, jSessionId); + cookie1.setSecure(true); cookie1.setMaxAge(cookieMaxAge); cookie1.setDomain(EPCommonSystemProperties.getProperty(EPCommonSystemProperties.COOKIE_DOMAIN)); cookie1.setPath("/"); 
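Review bot: After this header change `SessionCookieUtil` can reach `EP_SERVICE`, `cookieMaxAge`, `logger` and `getJessionId` only through `extends CommonSessionCookieUtil`, which is not part of this diff, so a reader can no longer see here where the cookie name and max-age are defined. A class comment such as `// EP_SERVICE, cookieMaxAge, logger and getJessionId are inherited from CommonSessionCookieUtil` would make that explicit. If the inherited logger is created for the parent class, log lines written from this class will be attributed to the parent, which is worth confirming for anyone filtering session-cookie events by logger name.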
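Review bot: The EPService cookie built in the -69,6 hunk carries the servlet session id and is scoped to the whole cookie domain with path `/`, yet the visible lines add only the Secure flag. Unless it is set in the part of the method outside the hunk, add `cookie1.setHttpOnly(true);` next to `cookie1.setSecure(true);` so the session id is not readable from page script anywhere on that domain. The same applies to the UserId cookie in the -78,9 hunk. An unconditional `setSecure(true)` also means browsers will not return the cookie over plain HTTP, so deployments without TLS termination will lose the session cookie; a comment or a property-driven toggle would document that dependency. The method body continues beyond the hunk.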
@@ -78,9 +72,10 @@ public class SessionCookieUtil { public static void setUpUserIdCookie(HttpServletRequest request, HttpServletResponse response,String userId) throws Exception { logger.info("************** session cookie util set up UserId cookie begins"); - userId = CipherUtil.encryptPKC(userId, - SystemProperties.getProperty(SystemProperties.Decryption_Key)); + userId = CipherUtil.encrypt(userId, + KeyProperties.getProperty(KeyConstants.CIPHER_ENCRYPTION_KEY)); Cookie cookie1 = new Cookie(USER_ID, userId); + cookie1.setSecure(true); cookie1.setMaxAge(cookieMaxAge); cookie1.setDomain(EPCommonSystemProperties.getProperty(EPCommonSystemProperties.COOKIE_DOMAIN)); cookie1.setPath("/"); 
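Review bot: The key passed to `CipherUtil.encrypt` comes straight from `KeyProperties.getProperty(KeyConstants.CIPHER_ENCRYPTION_KEY)` with no check that the property is configured, and what `encrypt` does with a null or empty key is not visible here. Failing fast with a clear configuration error before the cookie is built would be safer than relying on the cipher call to reject it. Separately, the -98,49 hunk returns the decrypted cookie value as the user id, so it is worth confirming that `CipherUtil.encrypt` authenticates the ciphertext (an AEAD mode or a MAC), since encryption alone does not guarantee that a modified cookie is rejected. A short comment above the call stating which guarantee the UserId cookie relies on would help the next reviewer. `setUpUserIdCookie` continues past the end of the hunk.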
@@ -98,49 +93,11 @@ public class SessionCookieUtil { if (cookie.getName().equals(USER_ID)) userIdcookie = cookie; if(userIdcookie!=null){ - userId = CipherUtil.decryptPKC(userIdcookie.getValue(), - SystemProperties.getProperty(SystemProperties.Decryption_Key)); + userId = CipherUtil.decrypt(userIdcookie.getValue(), + KeyProperties.getProperty(KeyConstants.CIPHER_ENCRYPTION_KEY)); } logger.info("************** session cookie util set up EP cookie completed"); return userId; } - - public static String getJessionId(HttpServletRequest request){ - - return request.getSession().getId(); - /* - Cookie ep = WebUtils.getCookie(request, JSESSIONID); - if(ep==null){ - return request.getSession().getId(); - } - return ep.getValue(); - */ - } - - protected static void initateSessionMgtHandler(HttpServletRequest request) { - String jSessionId = getJessionId(request); - storeMaxInactiveTime(request); - PortalTimeoutHandler.sessionCreated(jSessionId, jSessionId, AppUtils.getSession(request)); - } - - protected static void storeMaxInactiveTime(HttpServletRequest request) { - HttpSession session = AppUtils.getSession(request); - if(session.getAttribute(PortalApiConstants.GLOBAL_SESSION_MAX_IDLE_TIME) == null) - session.setAttribute(PortalApiConstants.GLOBAL_SESSION_MAX_IDLE_TIME,session.getMaxInactiveInterval()); - } - - public static void resetSessionMaxIdleTimeOut(HttpServletRequest request) { - try { - HttpSession session = AppUtils.getSession(request); - final Object maxIdleAttribute = session.getAttribute(PortalApiConstants.GLOBAL_SESSION_MAX_IDLE_TIME); - if(session != null && maxIdleAttribute != null) { - session.setMaxInactiveInterval(Integer.parseInt(maxIdleAttribute.toString())); - } - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "resetSessionMaxIdleTimeOut failed", e); - } - - } - }
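Review bot: UserId cookies issued before this change were produced by `encryptPKC` under `SystemProperties.Decryption_Key`, and after deployment they reach `CipherUtil.decrypt` with `KeyConstants.CIPHER_ENCRYPTION_KEY` instead. How `decrypt` fails on such input is not visible, and the method's signature lies outside the hunk, but nothing in the visible lines handles a failure. Consider wrapping the `CipherUtil.decrypt(...)` call so that a cookie that cannot be decrypted is logged (without its value) and treated as absent, forcing a fresh login rather than surfacing an error or a garbage user id. The closing info message still reads `set up EP cookie completed` although this path reads the UserId cookie, which will mislead anyone tracing cookie handling in the logs.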