Stop RequestFilter from creating session cookies
GENERAL
TESTING
GENERAL
TESTING
Description
Attachments
2
Activity
Show:
Matthew Jones April 24, 2018 at 10:33 AM
Bulk closing issues that have not been updated since 2015 and earlier. Please reopen if this is still an issue and you have new information or if this is a feature you'd like to still have consideration for.
Matthew Buckett January 27, 2014 at 12:08 PM
Attached is our patch for /dav
Aaron Zeckoski October 21, 2013 at 8:44 AM
Same question on the related webdav stuff. Otherwise I think this is only a partial fix
Aaron Zeckoski January 14, 2013 at 7:59 AM
This patch doesn't change anything by default from what I can see. It appears to simply allow override of the creation of cookies to disable their creation in certain cases. Is there a related webdav patch somewhere?
amberg1 January 14, 2013 at 1:24 AM
Needs review.
Have all web browsers go through our web single sign on solution (WebAuth) but allow users to authenticate directly to Sakai when using accessing WebDAV, we didn't want people bookmarking a /dav URL in their browser, entering their username/password and then using the authenticated session to continue to browse the rest of Sakai. To prevent this we added a flag to stop RequestFilter from ever setting cookies and set this flag in the WebDAV context initialisations.