Alexander Wels has submitted this change and it was merged.
Change subject: userportal, webadmin: prevent session fixation
......................................................................
userportal, webadmin: prevent session fixation
- This patch creates a new session when a user attempts to log
in. This is to prevent session fixation attacks.
Change-Id: I3df427683c924f10cb59f4af1dd067fcfd21a8f2
Signed-off-by: Alexander Wels <awels(a)redhat.com>
---
M
frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/server/gwt/GenericApiGWTServiceImpl.java
1 file changed, 16 insertions(+), 9 deletions(-)
Approvals:
Alexander Wels: Verified
Vojtech Szocs: Looks good to me, approved
--
To view, visit
http://gerrit.ovirt.org/25959
To unsubscribe, visit
http://gerrit.ovirt.org/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I3df427683c924f10cb59f4af1dd067fcfd21a8f2
Gerrit-PatchSet: 2
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Alexander Wels <awels(a)redhat.com>
Gerrit-Reviewer: Alexander Wels <awels(a)redhat.com>
Gerrit-Reviewer: Einav Cohen <ecohen(a)redhat.com>
Gerrit-Reviewer: Vojtech Szocs <vszocs(a)redhat.com>
Gerrit-Reviewer: automation(a)ovirt.org