Class SameSiteCookies
- java.lang.Object
-
- com.sodius.oslc.server.security.services.SameSiteCookies
-
public class SameSiteCookies extends Object
Defines the behavior of shared cookies for which a SameSite policy may be applied.When the SameSite setting is enabled in the security configuration, the
SameSiteCookiesFilter
class will create, in the HTTP response, a dedicatedSet-Cookie
header with aSameSite=None
attribute for each shared cookie and each path of delegated UIs and previews of the product.Products are recommended to register at initialization time:
- the paths of delegated UIs and previews of the product (e.g.
/servlet/oslc-connect/my-preview
), usingsetPaths(String...)
. - the default session cookies as shared cookies (e.g
JSESSIONID
), usingsetDefaultNames(String...)
.
- Since:
- 2.0.0
- See Also:
SameSiteCookiesFilter
- the paths of delegated UIs and previews of the product (e.g.
-
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static void
setDefaultNames(String... cookies)
Registers the given cookie names as default shared cookies (e.gJSESSIONID
).static void
setPaths(String... paths)
Registers the paths of delegated UIs and previews of the product (e.g.
-
-
-
Method Detail
-
setPaths
public static void setPaths(String... paths)
Registers the paths of delegated UIs and previews of the product (e.g./servlet/oslc-connect/my-preview
).Products are recommended to register at initialization time those paths.
- Parameters:
paths
- the paths of delegated UIs and previews of the product- See Also:
SameSiteCookiesFilter
-
setDefaultNames
public static void setDefaultNames(String... cookies) throws SettingStoreException
Registers the given cookie names as default shared cookies (e.gJSESSIONID
).Products are recommended to register at initialization time the default session cookies as shared cookies. The session cookie is usually
JSESSIONID
, but this may vary depending on the web container or integration.It is worth noting that this method is only for initializing the list of default shared cookies. It doesn't alter the actual list of shared cookies if they were configured by the server administrator.
- Parameters:
cookies
- the cookie names to set as default in the Shared Cookies setting.- Throws:
SettingStoreException
- if an error occurs while querying or updating the setting store.
-
-