From: markt <markt@13f79535-47bb-0310-9956-ffa450edef68>
Date: Sat, 27 Jan 2007 21:25:41 +0000 (+0000)
Subject: Port fox for bug 41217. Set secure attribute on SSO cookie when cookie is created... 
X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=8c7c122cb059db9616b13a54e9f56df4520eb93c;p=tomcat7.0

Port fox for bug 41217. Set secure attribute on SSO cookie when cookie is created during a secure request. Patch provided by Chris Halstead.

git-svn-id: https://svn.apache.org/repos/asf/tomcat/tc6.0.x/trunk@500626 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/java/org/apache/catalina/authenticator/AuthenticatorBase.java b/java/org/apache/catalina/authenticator/AuthenticatorBase.java
index 572ec9ff5..2915a9d97 100644
--- a/java/org/apache/catalina/authenticator/AuthenticatorBase.java
+++ b/java/org/apache/catalina/authenticator/AuthenticatorBase.java
@@ -743,6 +743,9 @@ public abstract class AuthenticatorBase
             cookie.setMaxAge(-1);
             cookie.setPath("/");
             
+            // Bugzilla 41217
+            cookie.setSecure(request.isSecure());
+
             // Bugzilla 34724
             String ssoDomain = sso.getCookieDomain();
             if(ssoDomain != null) {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 7bc662b05..81fd38aab 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -30,6 +30,11 @@
         Fix error messages when parsing context.xml that incorrectly referred to
         web.xml. (markt)
       </fix>
+      <fix>
+        <bug>41217</bug>: Set secure attribute on SSO cookie when cookie is
+        created during a secure request. Patch provided by Chris Halstead.
+        (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Jasper">