SameSiteCookiesFilter

Skip navigation links

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

java.lang.Object
- com.sodius.oslc.server.services.HttpFilter
- - com.sodius.oslc.server.security.services.SameSiteCookiesFilter

All Implemented Interfaces:

Filter
```
public class SameSiteCookiesFilter
extends HttpFilter
```
Sets in the HTTP response some Set-Cookie headers with a SameSite=None attribute for each shared cookie and each path of delegated UIs and previews of the product.
This filter aims at filtering only the paths on which a login form is involved, where a session cookie (or more generally a shared cookie) is created. The application administrator has the capability to extend the scope of the filter through a dedicated setting, so that all paths of the application are filtered. This is notably useful if a given customer is using a custom login page (with a dedicated path), which cannot be natively declared by the filter.
Here are the steps to correctly use this filter:
1. Register the filter for all URLs of the application, using <url-pattern>.
2. Declare the paths for the login pages of the application, using <init-param> with "loginPaths" as parameter name and a comma-separated value.
3. At application initialization phase, configure the default Shared Cookies and delegated UI paths with the SameSiteCookies class.
Here is an extract of filter declaration:
```
 <url-pattern>/*</url-pattern>
 <init-param>
      <param-name>loginPaths</param-name>
      <param-value>/path1/login.jsp,/path2/other-login</param-value>
 </init-param>
 
```
Since:

2.0.0

See Also:

SameSiteCookies

Constructor Summary

Constructors
Constructor and Description

SameSiteCookiesFilter()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected void`	`doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain)` Processes this filter and either executes or blocks the chain.
`void`	`init(FilterConfig filterConfig)` This implementation does nothing.

Methods inherited from class com.sodius.oslc.server.services.HttpFilter
destroy, doFilter, handleOslcError

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - SameSiteCookiesFilter
```
public SameSiteCookiesFilter()
```
- Method Detail
  - init
```
public void init(FilterConfig filterConfig)
          throws ServletException
```
    Description copied from class: HttpFilter
    
    This implementation does nothing. Subclasses may override.
    
    Specified by:
    
    init in interface Filter
    
    Overrides:
    
    init in class HttpFilter
    
    Parameters:
    
    filterConfig - the configuration of the filter.
    
    Throws:
    
    ServletException - not thrown by this implementation.
  - doFilter
```
protected void doFilter(HttpServletRequest request,
                        HttpServletResponse response,
                        FilterChain chain)
                 throws IOException,
                        ServletException
```
    Description copied from class: HttpFilter
    
    Processes this filter and either executes or blocks the chain.
    Subclasses may throw a OslcWebApplicationException to report an OslcError. This filter will automatically serialize such error in the HTTP response.
    
    Specified by:
    
    doFilter in class HttpFilter
    
    Parameters:
    
    request - the request.
    
    response - the response.
    
    chain - the filter chain to process.
    
    Throws:
    
    IOException - if an I/O error occurs.
    
    ServletException - if the filter execution fails.

Skip navigation links

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method