CS-18149: UI - no longer store sessionKey in cookie. After

... this change, opening the 2nd browser window (of the same domain) will show login screen (i.e. user has to enter credentials again) and will cause the 1st browser window session timeout. Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2025-10-26 08:42:29 +01:00 · 2015-03-13 13:14:42 +05:30 · 2015-03-13 13:14:42 +05:30 · 19e3c0168e
commit 19e3c0168e
parent 0b5b9c91e4
1 changed files with 7 additions and 10 deletions
--- a/ui/scripts/cloudStack.js
+++ b/ui/scripts/cloudStack.js
@ -105,9 +105,9 @@
            bypassLoginCheck: function(args) { //determine to show or bypass login screen
                if (g_loginResponse == null) { //show login screen
                    /*
-           but if this is a 2nd browser window (of the same domain), login screen still won't show because $.cookie('sessionKey') is valid for 2nd browser window (of the same domain) as well.
-           i.e. calling listCapabilities API with g_sessionKey from $.cookie('sessionKey') will succeed,
-           then userValid will be set to true, then an user object (instead of "false") will be returned, then login screen will be bypassed.
+                     * Since we no longer store sessionKey in cookie, opening the
+                     * 2nd browser window (of the same domain) will show login screen (i.e. user has to
+                     * enter credentials again) and will cause the 1st browser window session timeout.
                     */
                    var unBoxCookieValue = function (cookieName) {
                        var cookieValue = $.cookie(cookieName);
@ -117,7 +117,7 @@
                        }
                        return cookieValue;
                    };
-                    g_sessionKey = unBoxCookieValue('sessionKey');
+                    g_sessionKey = unBoxCookieValue('JSESSIONID');
                    g_role = unBoxCookieValue('role');
                    g_userid = unBoxCookieValue('userid');
                    g_domainid = unBoxCookieValue('domainid');
@ -226,9 +226,6 @@
                        g_timezone = loginresponse.timezone;                        
                        g_userfullname = loginresponse.firstname + ' ' + loginresponse.lastname;

-                        $.cookie('sessionKey', g_sessionKey, {
-                            expires: 1
-                        });
                        $.cookie('username', g_username, {
                            expires: 1
                        });
@ -324,7 +321,7 @@
                        g_regionsecondaryenabled = null;
                        g_loginCmdText = null;
                        
-                        $.cookie('sessionKey', null);
+                        $.cookie('JSESSIONID', null);
                        $.cookie('username', null);
                        $.cookie('account', null);
                        $.cookie('domainid', null);
@ -347,7 +344,7 @@
            },

            samlLoginAction: function(args) {
-                $.cookie('sessionKey', null);
+                $.cookie('JSESSIONID', null);
                $.cookie('username', null);
                $.cookie('account', null);
                $.cookie('domainid', null);