From e765a046c5edf8ba4dc507db1f0ca429917061d8 Mon Sep 17 00:00:00 2001
From: Hector Sanjuan
Date: Fri, 2 Sep 2011 12:53:16 +0200
Subject: [PATCH] Bug #787: Avoid cookie collisions among oZones and Sunstone sessions
---
 src/ozones/Server/ozones-server.rb | 4 ++--
 src/sunstone/public/js/login.js | 4 ----
 src/sunstone/public/js/sunstone.js | 38 +++++++++++++++++++++---------
 src/sunstone/sunstone-server.rb | 2 +-
 4 files changed, 30 insertions(+), 18 deletions(-)
diff --git a/src/ozones/Server/ozones-server.rb b/src/ozones/Server/ozones-server.rb
index e2b41c543d..93edfd2dc0 100755
--- a/src/ozones/Server/ozones-server.rb
+++ b/src/ozones/Server/ozones-server.rb
@@ -102,7 +102,7 @@ ADMIN_PASS = @auth.password
 ##############################################################################
 # Sinatra Configuration
 ##############################################################################
-use Rack::Session::Pool
+use Rack::Session::Pool, :key => 'ozones'
 set :host, config[:host]
 set :port, config[:port]
 set :show_exceptions, false
@@ -190,7 +190,7 @@ get '/' do
 '/templates/login.html') unless authorized?
 time = Time.now + 60
- response.set_cookie("one-user",
+ response.set_cookie("ozones-user",
 :value=>"#{session[:user]}",
 :expires=>time)
diff --git a/src/sunstone/public/js/login.js b/src/sunstone/public/js/login.js
index 0c30aac51c..99cfb9d856 100644
--- a/src/sunstone/public/js/login.js
+++ b/src/sunstone/public/js/login.js
@@ -63,9 +63,5 @@ $(document).ready(function(){
 }
 });
- $("#logout_btn").click(function () {
- logout();
- });
- $("input#username.box").get(0).focus();
 });
diff --git a/src/sunstone/public/js/sunstone.js b/src/sunstone/public/js/sunstone.js
index cbc3d4553e..2c07cfcc9d 100644
--- a/src/sunstone/public/js/sunstone.js
+++ b/src/sunstone/public/js/sunstone.js
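Review bot: Distinct keys on `use Rack::Session::Pool, :key => 'ozones'` (and `:key => 'sunstone'` in sunstone-server.rb) stop the two servers overwriting each other's session id, but they do not isolate the sessions. Cookies are scoped by host name and path, not by port, so when both services share a host the browser still sends each server the other's session cookie. If the two UIs have different trust levels, serve them under separate host names, or give each a distinct `:path` when they sit behind a proxy. Neither call sets `:secure`, so on a plain-HTTP deployment the session id travels unprotected. A comment above the `use` line such as `# distinct key: oZones and Sunstone can share a host, and cookies ignore the port` would record why the key must not be dropped.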
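Review bot: The `ozones-user` cookie set in `get '/'` has to stay script-readable because `setLogin()` in sunstone.js reads it, and it is written without `:secure`, so the browser user can read and rewrite it freely. It should therefore be documented as display-only, with a comment on the `response.set_cookie` call such as `# display only: read by the web UI; authorization must keep using session[:user]`. It is worth confirming that no server route reads this cookie back as an identity. The handler body starts and ends outside the hunk.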
@@ -388,24 +388,40 @@ function readCookie(){
 //signout button
 function setLogin(){
 //This variables can be used anywhere
- username = cookie["one-user"];
- uid = cookie["one-user_id"];
- gid = cookie["one-user_gid"];
+ switch(whichUI()){
+ case "sunstone":
+ username = cookie["one-user"];
+ uid = cookie["one-user_id"];
+ gid = cookie["one-user_gid"];
+ break;
+ case "ozones":
+ username = cookie["ozones-user"];
+ break;
+ };
+ $("div#header span#user").html(username);
+ $("div#header a#logout").click(function(){
- //todo, this is ugly
- var f_logout = typeof(OpenNebula)!="undefined"?
- OpenNebula.Auth.logout : oZones.Auth.logout;
- f_logout({
- success:function(){
- window.location.href = "login";
- }
- });
+ redirect = function(){window.location.href = "login";};
+ switch(whichUI()){
+ case "sunstone":
+ OpenNebula.Auth.logout({success:redirect});
+ break;
+ case "ozones":
+ oZones.Auth.logout({success:redirect});
+ break;
+ }
 return false;
 });
 }
+//returns whether we are Sunstone, or oZones
+//not the most elegant way, but better in its own function
+function whichUI(){
+ return (typeof(OpenNebula)!="undefined"? "sunstone" : "ozones");
+}
+ //Inserts all main tabs in the DOM
 function insertTabs(){
 var tab_info;
diff --git a/src/sunstone/sunstone-server.rb b/src/sunstone/sunstone-server.rb
index 097b0c0a69..d348cf41f1 100755
--- a/src/sunstone/sunstone-server.rb
+++ b/src/sunstone/sunstone-server.rb
@@ -54,7 +54,7 @@ set :config, Configuration.new(CONFIGURATION_FILE)
 ##############################################################################
 # Sinatra Configuration
 ##############################################################################
-use Rack::Session::Pool
+use Rack::Session::Pool, :key => 'sunstone'
 set :host, settings.config[:host]
 set :port, settings.config[:port]
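Review bot: In `setLogin()`, `$("div#header span#user").html(username);` writes a cookie-derived string into the page as markup. The value comes from `cookie["one-user"]` or `cookie["ozones-user"]` (the oZones server fills the latter from `session[:user]`), so a user name containing markup would be parsed as HTML. Use `$("div#header span#user").text(username);` instead. In the same hunk, `redirect = function(){...}` lacks `var` and so becomes an implicit global. The first `switch` also has no `default`, which leaves `username` unset if `whichUI()` ever returns a third value.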