Alexander Wels has submitted this change and it was merged. Change subject: userportal, webadmin: prevent session fixation ...................................................................... userportal, webadmin: prevent session fixation - This patch creates a new session when a user attempts to log in. This is to prevent session fixation attacks. Change-Id: I3df427683c924f10cb59f4af1dd067fcfd21a8f2 Signed-off-by: Alexander Wels <awels@redhat.com> --- M frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/server/gwt/GenericApiGWTServiceImpl.java 1 file changed, 16 insertions(+), 9 deletions(-) Approvals: Alexander Wels: Verified Vojtech Szocs: Looks good to me, approved -- To view, visit http://gerrit.ovirt.org/25959 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: I3df427683c924f10cb59f4af1dd067fcfd21a8f2 Gerrit-PatchSet: 2 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Alexander Wels <awels@redhat.com> Gerrit-Reviewer: Alexander Wels <awels@redhat.com> Gerrit-Reviewer: Einav Cohen <ecohen@redhat.com> Gerrit-Reviewer: Vojtech Szocs <vszocs@redhat.com> Gerrit-Reviewer: automation@ovirt.org