public void setRememberMeCookie(
String principal,
HttpServletResponse httpServletResponse,
HttpServletRequest httpServletRequest) {
if (!isRememberMeEnabled()) {
return;
}
try {
CookieSettings settings = securitySystem.getPolicy().getRememberMeCookieSettings();
int timeout = settings.getCookieTimeout();
KeyManager keyManager = securitySystem.getKeyManager();
AuthenticationKey authkey = keyManager.createKey(principal, "Remember Me Key", timeout);
Cookie cookie =
createCookie(
REMEMBER_ME_KEY,
authkey.getKey(),
settings.getDomain(),
settings.getPath(),
httpServletRequest);
if (timeout > 0) {
cookie.setMaxAge(timeout);
}
httpServletResponse.addCookie(cookie);
} catch (KeyManagerException e) {
log.warn("Unable to set remember me cookie.");
}
}
public void setSignonCookie(
String principal,
HttpServletResponse httpServletResponse,
HttpServletRequest httpServletRequest) {
try {
CookieSettings settings = securitySystem.getPolicy().getSignonCookieSettings();
int timeout = settings.getCookieTimeout();
KeyManager keyManager = securitySystem.getKeyManager();
AuthenticationKey authkey = keyManager.createKey(principal, "Signon Session Key", timeout);
/* The path must remain as "/" in order for SSO to work on installations where the only
* all of the servers are installed into the same web container but under different
* web contexts.
*/
Cookie cookie =
createCookie(
SIGNON_KEY,
authkey.getKey(),
settings.getDomain(),
settings.getPath(),
httpServletRequest);
if (timeout > 0) {
cookie.setMaxAge(timeout);
}
httpServletResponse.addCookie(cookie);
} catch (KeyManagerException e) {
log.warn("Unable to set single sign on cookie.");
}
}
