in gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOResource.java [165:221]
private void handleCookieSetup() {
cookieName = context.getInitParameter(SSO_COOKIE_NAME);
if (cookieName == null) {
cookieName = DEFAULT_SSO_COOKIE_NAME;
}
final String secure = context.getInitParameter(SSO_COOKIE_SECURE_ONLY_INIT_PARAM);
if (StringUtils.isBlank(secure)) {
final GatewayConfig config = (GatewayConfig) request.getServletContext().getAttribute(GatewayConfig.GATEWAY_CONFIG_ATTRIBUTE);
secureOnly = config.isSSLEnabled();
} else {
secureOnly = Boolean.parseBoolean(secure);
}
if (!secureOnly) {
LOGGER.cookieSecureOnly(secureOnly);
}
String age = context.getInitParameter(SSO_COOKIE_MAX_AGE_INIT_PARAM);
if (age != null) {
try {
LOGGER.setMaxAge(age);
maxAge = Integer.parseInt(age);
}
catch (NumberFormatException nfe) {
LOGGER.invalidMaxAgeEncountered(age);
}
}
domainSuffix = context.getInitParameter(SSO_COOKIE_DOMAIN_SUFFIX_PARAM);
whitelist = context.getInitParameter(SSO_COOKIE_TOKEN_WHITELIST_PARAM);
if (whitelist == null) {
whitelist = WhitelistUtils.getDispatchWhitelist(request);
}
String audiences = context.getInitParameter(SSO_COOKIE_TOKEN_AUDIENCES_PARAM);
if (audiences != null) {
String[] auds = audiences.split(",");
for (String aud : auds) {
targetAudiences.add(aud.trim());
}
}
String ttl = context.getInitParameter(SSO_COOKIE_TOKEN_TTL_PARAM);
if (ttl != null) {
try {
tokenTTL = Long.parseLong(ttl);
if (tokenTTL < -1 || (tokenTTL + System.currentTimeMillis() < 0)) {
LOGGER.invalidTokenTTLEncountered(ttl);
tokenTTL = TOKEN_TTL_DEFAULT;
}
}
catch (NumberFormatException nfe) {
LOGGER.invalidTokenTTLEncountered(ttl);
}
}
}