Automatic Share Keycloak reauth on session expiration; correct logout handling

AFaust
2020-07-06 01:57:03 +02:00
parent 8c53046cb1
commit 169b1ddb15
2 changed files with 56 additions and 7 deletions


@@ -581,7 +581,7 @@ public class KeycloakAuthenticationFilter extends BaseAuthenticationFilter
final OIDCFilterSessionStore tokenStore) throws IOException, ServletException
{
final HttpSession session = req.getSession();
final Object keycloakAccount = session != null ? session.getAttribute(KeycloakAccount.class.getName()) : null;
final Object keycloakAccount = session.getAttribute(KeycloakAccount.class.getName());
if (keycloakAccount instanceof OidcKeycloakAccount)
{
final KeycloakSecurityContext keycloakSecurityContext = ((OidcKeycloakAccount) keycloakAccount).getKeycloakSecurityContext();
@@ -1144,8 +1144,8 @@ public class KeycloakAuthenticationFilter extends BaseAuthenticationFilter
final Cookie resetCookie = new Cookie(cookie.getName(), "");
resetCookie.setPath(context.getContextPath());
resetCookie.setMaxAge(0);
resetCookie.setHttpOnly(false);
resetCookie.setSecure(false);
resetCookie.setHttpOnly(true);
resetCookie.setSecure(req.isSecure());
res.addCookie(resetCookie);
});
}
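Review bot: The reset cookie in the second hunk takes its Secure flag from `req.isSecure()`, which reports the connection as the servlet container sees it; behind a TLS-terminating proxy without forwarded-header handling it is false even though the browser speaks HTTPS. With an empty value and `setMaxAge(0)` nothing sensitive is exposed, but a short comment would record the assumption, for example `// deletion cookie: Secure follows the scheme the container sees for this request`. Separately, the cookie is cleared only for `context.getContextPath()` and no domain is set, so it removes only a cookie that was issued with that same path and host. The code that sets these cookies is not visible here, so that match should be confirmed, otherwise a stale cookie could survive logout. The enclosing lambda starts outside the hunk.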