diff options
author | Zbigniew Kurzynski <zbigniew.kurzynski@intel.com> | 2019-12-11 19:11:18 +0100 |
---|---|---|
committer | Zbigniew Kurzynski <zbigniew.kurzynski@intel.com> | 2019-12-16 08:08:16 +0000 |
commit | 26139a5a651dcca88d1d40cac5e1e106285c1271 (patch) | |
tree | 6a3d67cfbd46315fff3d56f7211ef85eec93fc88 | |
parent | 009c2a4d7ba310789487910cc06cb19c745c1c97 (diff) | |
download | bmcweb-26139a5a651dcca88d1d40cac5e1e106285c1271.tar.gz bmcweb-26139a5a651dcca88d1d40cac5e1e106285c1271.zip |
Adding a new value to cookie
This new value will be used by javascript in phosphor-webui
to perform login-less authentication.
Tested:
Manually tests were performed on Chrome browser.
Having enabled and configured mTLS user is able
to authenticate with proper certificates.
The login page is not displayed unless user logs out.
Appropriate phosphor-webui changes can be found here:
https://gerrit.openbmc-project.xyz/c/openbmc/phosphor-webui/+/27851
Signed-off-by: Zbigniew Kurzynski <zbigniew.kurzynski@intel.com>
Change-Id: Iac76459e1843a5c8bd2287c6e078319aebedfdcc
-rw-r--r-- | http/http_connection.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/http/http_connection.h b/http/http_connection.h index 0b15616..cce4a54 100644 --- a/http/http_connection.h +++ b/http/http_connection.h @@ -540,7 +540,8 @@ class Connection "XSRF-TOKEN=" + sp->csrfToken + "; Secure\r\nSet-Cookie: SESSION=" + sp->sessionToken + - "; Secure; HttpOnly"); + "; Secure; HttpOnly\r\nSet-Cookie: " + "IsAuthenticated=true; Secure"); BMCWEB_LOG_DEBUG << this << " TLS session: " << sp->uniqueId << " with cookie will be used for this request."; |