Skip to content

Add support for configuring default CookieSerializer using SessionCookieConfig #713

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 13, 2017
Merged

Add support for configuring default CookieSerializer using SessionCookieConfig #713

merged 1 commit into from
Jun 13, 2017

Conversation

vpavic
Copy link
Contributor

@vpavic vpavic commented Jan 15, 2017
edited
Loading

This resolves #87.

The proposed solution doesn't map two attributes from SessionCookieConfig:

  • secure: DefaultCookieSerializer#useSecureCookie defaults to null and relies on ServletRequest#isSecure which means mapping a value from SessionCookieConfig would override our default (since secure is a primitive boolean over there and typically defaults to false)
  • httpOnly: DefaultCookieSerializer#useHttpOnlyCookie defaults to true in Servlet 3.0+ environments which means our default would be overridden in httpOnly typically defaults to false

Other than that integration tests in Boot based samples needed to be updated with explicit MockServletContext due to MockSessionCookieConfig#maxAge defaulting to 0 instead of -1. I've opened SPR-15142 to address that.

@vpavic vpavic added type: enhancement A general enhancement in: core labels Jan 15, 2017
@vpavic
Copy link
Contributor Author

vpavic commented Jan 16, 2017

PR updated due to SPR-15142 being fixed in the master via spring-projects/spring-framework#1298.

@vpavic vpavic mentioned this pull request Apr 9, 2017
Closed
@rwinch rwinch self-assigned this Jun 13, 2017
@rwinch rwinch added this to the 2.0.0.M2 milestone Jun 13, 2017
@rwinch rwinch added the status: duplicate A duplicate of another issue label Jun 13, 2017
@vpavic vpavic merged commit 3c52298 into spring-projects:master Jun 13, 2017
@vpavic vpavic deleted the gh-87 branch June 13, 2017 20:44
@vpavic vpavic mentioned this pull request Nov 9, 2018
Closed
@rwinch rwinch mentioned this pull request Nov 9, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@rwinch rwinch

Labels
in: core status: duplicate A duplicate of another issue type: enhancement A general enhancement
Projects
None yet
Milestone
2.0.0.M2
Development

Successfully merging this pull request may close these issues.

Configure Session Cookie using SessionCookieConfig
2 participants
@vpavic @rwinch