LoginWorker.java

doogie Fri, 28 Jun 2013 12:09:43 -0700

Author: doogie
Date: Fri Jun 28 19:08:24 2013
New Revision: 1497891

URL: http://svn.apache.org/r1497891
Log:
FEATURE: Allow for externalLoginKey parameter generation to be turned
off; the use for this feature will become apparent shortly.


Modified:
    ofbiz/trunk/framework/security/config/security.properties
    ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java

Modified: ofbiz/trunk/framework/security/config/security.properties
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/framework/security/config/security.properties?rev=1497891&r1=1497890&r2=1497891&view=diff
==============================================================================
--- ofbiz/trunk/framework/security/config/security.properties (original)
+++ ofbiz/trunk/framework/security/config/security.properties Fri Jun 28 
19:08:24 2013
@@ -124,3 +124,6 @@ protect-view.preprocessor=java.org.ofbiz
 # -- Name of the default error response view for protected views ("none:" will 
be rendered as a blank page, see RequestHandler.java)
 #default.error.response.view=none:
 default.error.response.view=view:viewBlocked
+
+# If false, then no externalLoginKey parameters will be added to cross-webapp 
urls
+security.login.externalLoginKey.enabled=true

Modified: 
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java?rev=1497891&r1=1497890&r2=1497891&view=diff
==============================================================================
--- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java 
(original)
+++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java 
Fri Jun 28 19:08:24 2013
@@ -121,6 +121,10 @@ public class LoginWorker {
      * Gets (and creates if necessary) a key to be used for an external login 
parameter
      */
     public static String getExternalLoginKey(HttpServletRequest request) {
+        boolean externalLoginKeyEnabled = 
"true".equals(UtilProperties.getPropertyValue("security", 
"security.login.externalLoginKey.enabled", "true"));
+        if (!externalLoginKeyEnabled) {
+            return null;
+        }
         //Debug.logInfo("Running getExternalLoginKey, externalLoginKeys.size=" 
+ externalLoginKeys.size(), module);
         GenericValue userLogin = (GenericValue) 
request.getAttribute("userLogin");

svn commit: r1497891 - in /ofbiz/trunk/framework: security/config/security.properties webapp/src/org/ofbiz/webapp/control/LoginWorker.java

Reply via email to