This is an automated email from the git hooks/post-receive script. unknown user pushed a commit to branch devel in repository Pollen. commit 95b1136bd7eecc54695515ed15ea11a28481df2a Author: Tony CHEMIT <chemit@codelutin.com> Date: Tue May 20 16:05:13 2014 +0200 use a header to get session token --- .../chorem/pollen/rest/api/PollenRestApiRequestFilter.java | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/PollenRestApiRequestFilter.java b/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/PollenRestApiRequestFilter.java index 201e809..23997c0 100644 --- a/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/PollenRestApiRequestFilter.java +++ b/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/PollenRestApiRequestFilter.java @@ -50,10 +50,10 @@ import java.util.Map; */ public class PollenRestApiRequestFilter extends WebMotionFilter { - public static final String REQUEST_SESSION_TOKEN_PARAMETER = "sessionToken"; - public static final String REQUEST_PERMISSION_PARAMETER = "permission"; + public static final String REQUEST_HEADER_SESSION_TOKEN = "X-Pollen-Session-Token"; + /** Logger. */ private static final Log log = LogFactory.getLog(PollenRestApiRequestFilter.class); @@ -112,15 +112,13 @@ public class PollenRestApiRequestFilter extends WebMotionFilter { SecurityService securityService = requestContext.getSecurityService(); // --- get session token (from request parameters) --- // - Map<String, String[]> parameters = context.getParameters(); - String[] strings = parameters.get(REQUEST_SESSION_TOKEN_PARAMETER); - String authParam = strings == null || strings.length < 1 ? null : strings[0]; + String sessionTokenHeader = context.getHeader(REQUEST_HEADER_SESSION_TOKEN); - SessionToken sessionToken = securityService.getSessionTokenByToken(authParam); + SessionToken sessionToken = securityService.getSessionTokenByToken(sessionTokenHeader); // --- get mainPrincipal (from request parameters) --- // - parameters = context.getParameters(); - strings = parameters.get(REQUEST_PERMISSION_PARAMETER); + Map<String, String[]> parameters = context.getParameters(); + String[] strings = parameters.get(REQUEST_PERMISSION_PARAMETER); String credentialParam = strings == null || strings.length < 1 ? null : strings[0]; PollenPrincipal mainPrincipal = securityService.getPollenPrincipalByPermissionToken(credentialParam); -- To stop receiving notification emails like this one, please contact Chorem.org SCM administrator <admin+scm@chorem.org>.