[1/3] git commit: refs/heads/4.1 - Disable acceptence of old-fashion URL form for console access

Fri, 08 Mar 2013 18:05:10 -0800 

Disable acceptence of old-fashion URL form for console access


Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/ddefdbfc
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/ddefdbfc
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/ddefdbfc

Branch: refs/heads/4.1
Commit: ddefdbfcec73b1dd72898d7b4d89db92587156ad
Parents: 889e76b
Author: Kelven Yang <[email protected]>
Authored: Thu Mar 7 18:39:33 2013 -0800
Committer: Kelven Yang <[email protected]>
Committed: Fri Mar 8 15:20:52 2013 -0800

----------------------------------------------------------------------
 .../ConsoleProxyHttpHandlerHelper.java             |    7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ddefdbfc/console-proxy/src/com/cloud/consoleproxy/ConsoleProxyHttpHandlerHelper.java
----------------------------------------------------------------------
diff --git 
a/console-proxy/src/com/cloud/consoleproxy/ConsoleProxyHttpHandlerHelper.java 
b/console-proxy/src/com/cloud/consoleproxy/ConsoleProxyHttpHandlerHelper.java
index 7756d01..7f79bae 100644
--- 
a/console-proxy/src/com/cloud/consoleproxy/ConsoleProxyHttpHandlerHelper.java
+++ 
b/console-proxy/src/com/cloud/consoleproxy/ConsoleProxyHttpHandlerHelper.java
@@ -49,7 +49,9 @@ public class ConsoleProxyHttpHandlerHelper {
         if(map.get("token") != null) {
             ConsoleProxyPasswordBasedEncryptor encryptor = new 
ConsoleProxyPasswordBasedEncryptor(
                 ConsoleProxy.getEncryptorPassword());
-            
+    
+            // make sure we get information from token only
+            map.clear();
             ConsoleProxyClientParam param = 
encryptor.decryptObject(ConsoleProxyClientParam.class, map.get("token"));
             if(param != null) {
                 if(param.getClientHostAddress() != null)
@@ -67,6 +69,9 @@ public class ConsoleProxyHttpHandlerHelper {
                 if(param.getTicket() != null)
                     map.put("ticket", param.getTicket());
             }
+        } else {
+               // we no longer accept information from parameter other than 
token 
+               map.clear();
         }
         
         return map;

Reply via email to