Examples with Cookie org.apache.shiro.web.servlet.Cookie used on opensource projects

Example 1 with Cookie

use of org.apache.shiro.web.servlet.Cookie in project vip by guangdada.

the class ShiroConfig method defaultWebSessionManager.

/**
 * session管理器(单机环境)
 */
@Bean
@ConditionalOnProperty(prefix = "guns", name = "spring-session-open", havingValue = "false")
public DefaultWebSessionManager defaultWebSessionManager(CacheManager cacheShiroManager, GunsProperties gunsProperties) {
    DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
    sessionManager.setCacheManager(cacheShiroManager);
    sessionManager.setSessionValidationInterval(gunsProperties.getSessionValidationInterval() * 1000);
    sessionManager.setGlobalSessionTimeout(gunsProperties.getSessionInvalidateTime() * 1000);
    sessionManager.setDeleteInvalidSessions(true);
    sessionManager.setSessionValidationSchedulerEnabled(true);
    Cookie cookie = new SimpleCookie(ShiroHttpSession.DEFAULT_SESSION_ID_NAME);
    cookie.setName("shiroCookie");
    cookie.setHttpOnly(true);
    sessionManager.setSessionIdCookie(cookie);
    return sessionManager;
}

Example 2 with Cookie

use of org.apache.shiro.web.servlet.Cookie in project shiro by apache.

the class CookieRememberMeManager method rememberSerializedIdentity.

/**
 * Base64-encodes the specified serialized byte array and sets that base64-encoded String as the cookie value.
 * <p/>
 * The {@code subject} instance is expected to be a {@link WebSubject} instance with an HTTP Request/Response pair
 * so an HTTP cookie can be set on the outgoing response.  If it is not a {@code WebSubject} or that
 * {@code WebSubject} does not have an HTTP Request/Response pair, this implementation does nothing.
 *
 * @param subject    the Subject for which the identity is being serialized.
 * @param serialized the serialized bytes to be persisted.
 */
protected void rememberSerializedIdentity(Subject subject, byte[] serialized) {
    if (!WebUtils.isHttp(subject)) {
        if (log.isDebugEnabled()) {
            String msg = "Subject argument is not an HTTP-aware instance.  This is required to obtain a servlet " + "request and response in order to set the rememberMe cookie. Returning immediately and " + "ignoring rememberMe operation.";
            log.debug(msg);
        }
        return;
    }
    HttpServletRequest request = WebUtils.getHttpRequest(subject);
    HttpServletResponse response = WebUtils.getHttpResponse(subject);
    // base 64 encode it and store as a cookie:
    String base64 = Base64.encodeToString(serialized);
    // the class attribute is really a template for the outgoing cookies
    Cookie template = getCookie();
    Cookie cookie = new SimpleCookie(template);
    cookie.setValue(base64);
    cookie.saveTo(request, response);
}

Example 3 with Cookie

use of org.apache.shiro.web.servlet.Cookie in project shiro by apache.

the class DefaultWebSessionManager method storeSessionId.

private void storeSessionId(Serializable currentId, HttpServletRequest request, HttpServletResponse response) {
    if (currentId == null) {
        String msg = "sessionId cannot be null when persisting for subsequent requests.";
        throw new IllegalArgumentException(msg);
    }
    Cookie template = getSessionIdCookie();
    Cookie cookie = new SimpleCookie(template);
    String idString = currentId.toString();
    cookie.setValue(idString);
    cookie.saveTo(request, response);
    log.trace("Set session ID cookie for session with id {}", idString);
}

Example 4 with Cookie

use of org.apache.shiro.web.servlet.Cookie in project shiro by apache.

the class AbstractShiroWebConfiguration method buildCookie.

protected Cookie buildCookie(String name, int maxAge, String path, String domain, boolean secure) {
    Cookie cookie = new SimpleCookie(name);
    cookie.setHttpOnly(true);
    cookie.setMaxAge(maxAge);
    cookie.setPath(path);
    cookie.setDomain(domain);
    cookie.setSecure(secure);
    return cookie;
}