solomax commented on a change in pull request #462:
URL: https://github.com/apache/wicket/pull/462#discussion_r571750665
##########
File path:
wicket-core/src/main/java/org/apache/wicket/authentication/strategy/DefaultAuthenticationStrategy.java
##########
@@ -57,25 +65,50 @@
*
* @param cookieKey
* The name of the cookie
+ *
+ * @deprecated supply a crypt instead TODO remove in Wicket 10
*/
+ @Deprecated
public DefaultAuthenticationStrategy(final String cookieKey)
{
- this(cookieKey, defaultEncryptionKey(cookieKey));
+ this(cookieKey, defaultEncryptionKey());
}
- private static String defaultEncryptionKey(String cookieKey)
+ private static String defaultEncryptionKey()
{
- if (Application.exists())
- {
- return Application.get().getName();
- }
- return cookieKey;
+ return UUID.randomUUID().toString();
}
+ /**
+ * @deprecated supply a crypt instead TODO remove in Wicket 10
+ */
+ @Deprecated
Review comment:
Mayde it worth to add `forRemoval` instead of `TODO` :) ?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
