[jbossseam-issues] [JBoss JIRA] Closed: (JBSEAM-3885) Make CookiePath for RememberMe cookies optionally fixed

Shane Bryzak (JIRA) jira-events at lists.jboss.org
Tue Mar 17 05:15:22 EDT 2009

     [ https://jira.jboss.org/jira/browse/JBSEAM-3885?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Shane Bryzak closed JBSEAM-3885.

    Fix Version/s: 2.1.2.CR1
       Resolution: Done

The cookie path can now be customized by overriding RememberMe.getCookiePath().

> Make CookiePath for RememberMe cookies optionally fixed
> -------------------------------------------------------
>                 Key: JBSEAM-3885
>                 URL: https://jira.jboss.org/jira/browse/JBSEAM-3885
>             Project: Seam
>          Issue Type: Feature Request
>          Components: Security
>    Affects Versions: 2.1.1.GA
>            Reporter: Klaasjan te Voortwis
>            Assignee: Shane Bryzak
>             Fix For: 2.1.2.CR1
> The RememberMe cookies are stored on the same path as where the page was served from. 
> When providing a user/pass field in the top of all pages, a user can for example
> - log in on http://domain.name/issuesystem/issue/create.seam, and mark RememberMe true
> - come back to the site http://domain.name/someotherpath, and now the user is not logged in
> (optionally) fixing the CookiePath for the RememberMe cookies to "/" instead of ctx.getExternalContext().getRequestContextPath() will solve this issue.
> Setting the cookiePath is done in RememberMe.java on lines 221 and 238.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


More information about the seam-issues mailing list