hazza/DSpace
1
0
Fork 0
mirror of https://github.com/DSpace/DSpace.git synced 2025-10-13 13:03:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added setSecure option to authetication cookie

Browse Source
This commit is contained in:
Giuseppe Digilio
2020-02-05 11:49:59 +01:00
parent c63b88141c
commit 0336e83124
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
dspace-server-webapp/src/main/java/org/dspace/app/rest/security/jwt/JWTTokenRestAuthenticationServiceImpl.java
View File

@@ -160,6 +160,7 @@ public class JWTTokenRestAuthenticationServiceImpl implements RestAuthentication
if (addCookie) { if (addCookie) {
Cookie cookie = new Cookie(AUTHORIZATION_COOKIE, token); Cookie cookie = new Cookie(AUTHORIZATION_COOKIE, token);
cookie.setHttpOnly(true); cookie.setHttpOnly(true);
cookie.setSecure(true);
response.addCookie(cookie); response.addCookie(cookie);
} }
response.setHeader(AUTHORIZATION_HEADER, String.format("%s %s", AUTHORIZATION_TYPE, token)); response.setHeader(AUTHORIZATION_HEADER, String.format("%s %s", AUTHORIZATION_TYPE, token));