提交 386dafd7 编写于 作者: M Matt Sicker

[JENKINS-56243] Ensure user seed saved to session

This fixes the remember me service to link the user seed to a
corresponding HTTP session. By doing so, this should significantly
reduce the number of calls to loadUserDetails().
Signed-off-by: NMatt Sicker <boards@gmail.com>
上级 4404c6e6
......@@ -269,6 +269,14 @@ public class TokenBasedRememberMeServices2 extends TokenBasedRememberMeServices
userDetails.getAuthorities());
auth.setDetails(authenticationDetailsSource.buildDetails(request));
// Ensure this session is linked to the user's seed
if (!UserSeedProperty.DISABLE_USER_SEED) {
User user = User.get(auth);
UserSeedProperty userSeed = user.getProperty(UserSeedProperty.class);
String sessionSeed = userSeed.getSeed();
request.getSession().setAttribute(UserSeedProperty.USER_SESSION_SEED, sessionSeed);
}
return auth;
}
......
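Review bot: The added block dereferences the results of `User.get(auth)` and `user.getProperty(UserSeedProperty.class)` without a null check, so if either lookup can return null (their contracts are not visible on this page) the remember-me auto-login ends in a NullPointerException rather than returning `auth`. Since this runs on the cookie-authentication path, the outcome for a user without the property should be an explicit decision: either reject the login deliberately, or skip the attribute with something like `if (userSeed != null) { request.getSession().setAttribute(UserSeedProperty.USER_SESSION_SEED, userSeed.getSeed()); }`. The existing comment could also say why the link matters (per the commit message, it is what spares later requests a `loadUserDetails()` call). The enclosing method starts above the hunk.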
......@@ -8,6 +8,7 @@ import java.util.Arrays;
import static java.util.logging.Level.FINEST;
import java.util.stream.Collectors;
import hudson.model.User;
import jenkins.model.Jenkins;
import jenkins.security.seed.UserSeedProperty;
......@@ -29,6 +30,7 @@ import org.jvnet.hudson.test.For;
import org.jvnet.hudson.test.Issue;
import org.jvnet.hudson.test.JenkinsRule;
import org.jvnet.hudson.test.LoggerRule;
import org.kohsuke.stapler.Stapler;
import org.springframework.dao.DataAccessException;
import java.util.concurrent.TimeUnit;
......@@ -289,6 +291,25 @@ public class TokenBasedRememberMeServices2Test {
}
}
@Test
@Issue("JENKINS-56243")
public void rememberMeToken_shouldSetUserSeedInSession() throws Exception {
j.jenkins.setDisableRememberMe(false);
j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
User alice = User.getOrCreateByIdOrFullName("alice");
// first, start a session with a remember me token
Cookie cookie = getRememberMeCookie(j.createWebClient().login("alice", "alice", true));
// next, start a new session with that token
JenkinsRule.WebClient wc = j.createWebClient();
wc.getCookieManager().addCookie(cookie);
// trigger remember me
String sessionSeed = wc.executeOnServer(() -> Stapler.getCurrentRequest().getSession(false).getAttribute(UserSeedProperty.USER_SESSION_SEED).toString());
String userSeed = alice.getProperty(UserSeedProperty.class).getSeed();
assertEquals(userSeed, sessionSeed);
}
private Cookie createRememberMeCookie(TokenBasedRememberMeServices2 tokenService, long deltaDuration, hudson.model.User user) throws Exception {
long tokenValiditySeconds = tokenService.getTokenValiditySeconds();
long expiryTime = System.currentTimeMillis() + TimeUnit.SECONDS.toMillis(tokenValiditySeconds);
......
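Review bot: The lambda in `rememberMeToken_shouldSetUserSeedInSession` chains `getSession(false).getAttribute(UserSeedProperty.USER_SESSION_SEED).toString()`, so when the remember-me path creates no session or sets no attribute, the test dies with a NullPointerException inside `executeOnServer` instead of a readable assertion failure. Returning the raw attribute and asserting on it, e.g. `assertNotNull(sessionSeed);` before `assertEquals(userSeed, sessionSeed);`, reports that regression for what it is. The test also covers only the enabled case; a companion case with `UserSeedProperty.DISABLE_USER_SEED` set would pin that no seed attribute is written to the session when the feature is switched off.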