Allow the user authentication cookie name to be customized so that we can

end this annoying conflict between dev and production.


git-svn-id: https://samskivert.googlecode.com/svn/trunk@1313 6335cc39-0255-0410-8fd6-9bcaacd3b74c
This commit is contained in:
mdb
2003-11-15 20:14:32 +00:00
parent 934bf04e41
commit d13944dffe
@@ -1,5 +1,5 @@
//
// $Id: UserManager.java,v 1.25 2003/10/20 00:49:04 mdb Exp $
// $Id: UserManager.java,v 1.26 2003/11/15 20:14:32 mdb Exp $
//
// samskivert library - useful routines for java programs
// Copyright (C) 2001 Michael Bayne
@@ -123,6 +123,12 @@ public class UserManager
"Authentication won't work.");
}
// look up any override to our user auth cookie
String authCook = config.getProperty("userauth_cookie");
if (!StringUtil.blank(authCook)) {
_userAuthCookie = authCook;
}
// register a cron job to prune the session table every hour
Interval pruner = new Interval() {
public void intervalExpired (int id, Object arg)
@@ -175,7 +181,7 @@ public class UserManager
public User loadUser (HttpServletRequest req)
throws PersistenceException
{
String authcode = CookieUtil.getCookieValue(req, USERAUTH_COOKIE);
String authcode = CookieUtil.getCookieValue(req, _userAuthCookie);
if (authcode != null) {
return _repository.loadUserBySession(authcode);
} else {
@@ -246,7 +252,7 @@ public class UserManager
// generate a new session for this user
String authcode = _repository.createNewSession(user, persist);
// stick it into a cookie for their browsing convenience
Cookie acookie = new Cookie(USERAUTH_COOKIE, authcode);
Cookie acookie = new Cookie(_userAuthCookie, authcode);
// strip the hostname from the server and use that as the domain
// unless configured not to
if (!"false".equalsIgnoreCase(
@@ -267,7 +273,7 @@ public class UserManager
*/
public void logout (HttpServletRequest req, HttpServletResponse rsp)
{
String authcode = CookieUtil.getCookieValue(req, USERAUTH_COOKIE);
String authcode = CookieUtil.getCookieValue(req, _userAuthCookie);
// nothing to do if they don't already have an auth cookie
if (authcode == null) {
@@ -275,7 +281,7 @@ public class UserManager
}
// set them up the bomb
Cookie c = new Cookie(USERAUTH_COOKIE, "x");
Cookie c = new Cookie(_userAuthCookie, "x");
c.setPath("/");
c.setMaxAge(0);
CookieUtil.widenDomain(req, c);
@@ -283,7 +289,7 @@ public class UserManager
// we need an unwidened one to ensure that old-style cookies are
// wiped as well
c = new Cookie(USERAUTH_COOKIE, "x");
c = new Cookie(_userAuthCookie, "x");
c.setPath("/");
c.setMaxAge(0);
rsp.addCookie(c);
@@ -301,6 +307,9 @@ public class UserManager
/** The URL for the user login page. */
protected String _loginURL;
/** The name of our user authentication cookie. */
protected String _userAuthCookie = USERAUTH_COOKIE;
/** The user authentication cookie name. */
protected static final String USERAUTH_COOKIE = "id_";