code.onehippo.org is currently readonly. We are migrating to code.bloomreach.com, please continue working there on Monday 14/12. See: https://docs.bloomreach.com/display/engineering/GitLab

  • Ard Schrijvers's avatar
    CMS-11338 [Backport 11.2] Make sure a new session is created after login · b697a7ba
    Ard Schrijvers authored
    Note this also backports also CMS-10946 due to conflicts otherwise. The
    changes in CMS-10946 can be backported without problems
    
    Avoid the possibility to exploit session fixation. After login, the
    session id needs to be renewed. There are some if/else conditions
    because when logging in into multiple webapps (cms and cms/console), it
    is not always possible to renew the session since you would then be
    logged out for the other app. Hence, the same credentials are allowed to
    login into a second app without session invalidation. On localhost we
    allow even different credentials to support being able to login into cms
    and cms/console during development with different credentials.
    
    (cherry picked from commit b1f02145)
    b697a7ba
Name
Last commit
Last update
api Loading commit data...
automatic-export Loading commit data...
brokenlinks Loading commit data...
builtin Loading commit data...
config Loading commit data...
console Loading commit data...
dependencies Loading commit data...
editor Loading commit data...
engine Loading commit data...
gallery Loading commit data...
google-analytics Loading commit data...
gotolink Loading commit data...
jquery Loading commit data...
perspectives Loading commit data...
reporting Loading commit data...
repository-dependencies Loading commit data...
richtext Loading commit data...
scripts Loading commit data...
shared-dependencies Loading commit data...
test Loading commit data...
translation Loading commit data...
types Loading commit data...
workflow Loading commit data...
workflowmenu Loading commit data...
.gitignore Loading commit data...
Jenkinsfile Loading commit data...
LICENSE Loading commit data...
NOTICE Loading commit data...
README.md Loading commit data...
pom.xml Loading commit data...