Repository: knox
Updated Branches:
refs/heads/master 9b5665be7 -> 6f4555418
KNOX-1190 - Compress cookies set by Pac4J, in some cases the cookie size
exceeds 4K and cause them not to set.
Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/6f455541
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/6f455541
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/6f455541
Branch: refs/heads/master
Commit: 6f45554182d122a39511a6d145d5f99b4cc19c50
Parents: 9b5665b
Author: Sandeep More
Authored: Thu Mar 8 09:44:56 2018 -0500
Committer: Sandeep More
Committed: Thu Mar 8 09:44:56 2018 -0500
--
.../pac4j/filter/Pac4jDispatcherFilter.java | 18 -
.../gateway/pac4j/session/KnoxSessionStore.java | 73 +---
2 files changed, 82 insertions(+), 9 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/knox/blob/6f455541/gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/filter/Pac4jDispatcherFilter.java
--
diff --git
a/gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/filter/Pac4jDispatcherFilter.java
b/gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/filter/Pac4jDispatcherFilter.java
index 0086228..46186f6 100644
---
a/gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/filter/Pac4jDispatcherFilter.java
+++
b/gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/filter/Pac4jDispatcherFilter.java
@@ -17,6 +17,7 @@
*/
package org.apache.knox.gateway.pac4j.filter;
+import org.apache.commons.lang.StringUtils;
import org.apache.knox.gateway.i18n.messages.MessagesFactory;
import org.apache.knox.gateway.pac4j.Pac4jMessages;
import org.apache.knox.gateway.pac4j.session.KnoxSessionStore;
@@ -29,6 +30,8 @@ import
org.apache.knox.gateway.services.security.CryptoService;
import org.pac4j.config.client.PropertiesConfigFactory;
import org.pac4j.core.client.Client;
import org.pac4j.core.config.Config;
+import org.pac4j.core.context.session.J2ESessionStore;
+import org.pac4j.core.context.session.SessionStore;
import org.pac4j.core.util.CommonHelper;
import org.pac4j.http.client.indirect.IndirectBasicAuthClient;
import
org.pac4j.http.credentials.authenticator.test.SimpleTestUsernamePasswordAuthenticator;
@@ -71,6 +74,8 @@ public class Pac4jDispatcherFilter implements Filter {
private static final String PAC4J_CONFIG = "pac4j.config";
+ private static final String PAC4J_SESSION_STORE = "pac4j.session.store";
+
private CallbackFilter callbackFilter;
private SecurityFilter securityFilter;
@@ -160,7 +165,18 @@ public class Pac4jDispatcherFilter implements Filter {
securityFilter.setConfigOnly(config);
final String domainSuffix =
filterConfig.getInitParameter(PAC4J_COOKIE_DOMAIN_SUFFIX_PARAM);
-config.setSessionStore(new KnoxSessionStore(cryptoService, clusterName,
domainSuffix));
+final String sessionStoreVar =
filterConfig.getInitParameter(PAC4J_SESSION_STORE);
+
+SessionStore sessionStore;
+
+if(!StringUtils.isBlank(sessionStoreVar) &&
J2ESessionStore.class.getName().contains(sessionStoreVar) ) {
+ sessionStore = new J2ESessionStore();
+} else {
+ sessionStore = new KnoxSessionStore(cryptoService, clusterName,
domainSuffix);
+}
+
+config.setSessionStore(sessionStore);
+
}
private void addDefaultConfig(String clientNameParameter, Map properties) {
http://git-wip-us.apache.org/repos/asf/knox/blob/6f455541/gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/session/KnoxSessionStore.java
--
diff --git
a/gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/session/KnoxSessionStore.java
b/gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/session/KnoxSessionStore.java
index 4ba55ea..0eb5322 100644
---
a/gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/session/KnoxSessionStore.java
+++
b/gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/session/KnoxSessionStore.java
@@ -18,6 +18,7 @@
package org.apache.knox.gateway.pac4j.session;
import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.io.IOUtils;
import org.apache.knox.gateway.services.security.CryptoService;
import org.apache.knox.gateway.services.security.EncryptionResult;
import org.apache.knox.gateway.util.Urls;
@@ -30,8 +31,13 @@ import org.pac4j.core.util.JavaSerializationHelper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import java.io.ByteArrayInputStream;
+import