From 1b612a5833505e95c5eda9ab6fa6fe71889125db Mon Sep 17 00:00:00 2001 From: Wendal Chen Date: Fri, 24 Apr 2020 18:52:18 +0800 Subject: [PATCH] =?UTF-8?q?update:=20=E6=94=AF=E6=8C=81jetty.session.cooki?= =?UTF-8?q?e.XXX=E9=85=8D=E7=BD=AE=E9=A1=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../nutz/boot/starter/jetty/JettyStarter.java | 22 ++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/nutzboot-starter/nutzboot-starter-jetty/src/main/java/org/nutz/boot/starter/jetty/JettyStarter.java b/nutzboot-starter/nutzboot-starter-jetty/src/main/java/org/nutz/boot/starter/jetty/JettyStarter.java index d9a80fef..5f5d720c 100644 --- a/nutzboot-starter/nutzboot-starter-jetty/src/main/java/org/nutz/boot/starter/jetty/JettyStarter.java +++ b/nutzboot-starter/nutzboot-starter-jetty/src/main/java/org/nutz/boot/starter/jetty/JettyStarter.java @@ -9,6 +9,7 @@ import java.util.Enumeration; import java.util.List; import java.util.zip.Deflater; +import javax.servlet.SessionCookieConfig; import javax.sql.DataSource; import javax.websocket.server.ServerContainer; import javax.websocket.server.ServerEndpoint; @@ -158,9 +159,15 @@ public class JettyStarter extends AbstractServletContainerStarter implements Ser @PropDoc(value = "cookie是否设置Secure" ,defaultValue = "false") public static final String PROP_SESSION_COOKIE_SECURE = PRE + "session.cookie.secure"; - - @PropDoc(value = "设置cookie的name" ,defaultValue = "false") + + @PropDoc(value = "设置cookie的name") public static final String PROP_SESSION_COOKIE_NAME = PRE + "session.cookie.name"; + + @PropDoc(value = "设置cookie的domain") + public static final String PROP_SESSION_COOKIE_DOMAIN = PRE + "session.cookie.domain"; + + @PropDoc(value = "设置cookie的path") + public static final String PROP_SESSION_COOKIE_PATH = PRE + "session.cookie.path"; protected Server server; protected WebAppContext wac; @@ -309,10 +316,15 @@ public class JettyStarter extends AbstractServletContainerStarter implements Ser sessionHandler.setMaxInactiveInterval(getSessionTimeout()); // cookie相关 - sessionHandler.setHttpOnly(conf.getBoolean(PROP_SESSION_COOKIE_HTTPONLY, false)); - sessionHandler.setSecureRequestOnly(conf.getBoolean(PROP_SESSION_COOKIE_SECURE, false)); + SessionCookieConfig cc = sessionHandler.getSessionCookieConfig(); + cc.setHttpOnly(conf.getBoolean(PROP_SESSION_COOKIE_HTTPONLY, false)); + cc.setSecure(conf.getBoolean(PROP_SESSION_COOKIE_SECURE, true)); if (!Strings.isBlank(conf.get(PROP_SESSION_COOKIE_NAME))) - sessionHandler.setSessionCookie(conf.get(PROP_SESSION_COOKIE_NAME).trim()); + cc.setName(conf.get(PROP_SESSION_COOKIE_NAME).trim()); + if (!Strings.isBlank(conf.get(PROP_SESSION_COOKIE_DOMAIN))) + cc.setDomain(conf.get(PROP_SESSION_COOKIE_DOMAIN).trim()); + if (!Strings.isBlank(conf.get(PROP_SESSION_COOKIE_PATH))) + cc.setPath(conf.get(PROP_SESSION_COOKIE_PATH).trim()); ErrorHandler ep = Lang.first(appContext.getBeans(ErrorHandler.class)); if (ep == null) {