diff options
author | st782s <statta@research.att.com> | 2017-11-02 17:05:10 -0400 |
---|---|---|
committer | st782s <statta@research.att.com> | 2017-11-02 17:07:34 -0400 |
commit | a37fe92b5daca76aabd50ff1e6920670b30b84ee (patch) | |
tree | 35c4bf73f1235830054967352a816e0f05329599 /ecomp-sdk/epsdk-app-common/src/main/java | |
parent | 5eb302b890ef11d7bab5b27b91c77c5d9175a7f4 (diff) |
Security vulnerabilityv1.3.21.0.0-ONAP1.0.0-Amsterdamrelease-1.3.2amsterdam
Handle Session issues and security vulnerability login issue to by
preventing sql injection attack
Issue: PORTAL-137
Change-Id: I16eeacd6958af1a8274259e5dc0a008c5f64fb9f
Signed-off-by: st782s <statta@research.att.com>
Diffstat (limited to 'ecomp-sdk/epsdk-app-common/src/main/java')
-rw-r--r-- | ecomp-sdk/epsdk-app-common/src/main/java/org/openecomp/portalapp/controller/core/SingleSignOnController.java | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/ecomp-sdk/epsdk-app-common/src/main/java/org/openecomp/portalapp/controller/core/SingleSignOnController.java b/ecomp-sdk/epsdk-app-common/src/main/java/org/openecomp/portalapp/controller/core/SingleSignOnController.java index 766d9eb9..f921581f 100644 --- a/ecomp-sdk/epsdk-app-common/src/main/java/org/openecomp/portalapp/controller/core/SingleSignOnController.java +++ b/ecomp-sdk/epsdk-app-common/src/main/java/org/openecomp/portalapp/controller/core/SingleSignOnController.java @@ -187,6 +187,11 @@ public class SingleSignOnController extends UnRestrictedBaseController { final String redirectUrl = portalUrl + "?uebAppKey=" + uebAppKey + "&redirectUrl=" + encodedReturnToAppUrl; logger.debug(EELFLoggerDelegate.debugLogger, "singleSignOnLogin: portal-bound redirect URL is {}", redirectUrl); + + // this line may not be necessary but jsessionid cookie is not getting created in all cases, + // so force the cookie creation + request.getSession(true); + return new ModelAndView("redirect:" + redirectUrl); } } |