
ONLINE_TICKET cookie

Crystal.Sea hace 4 años
padre
commit
16cba997e8

+ 2 - 3
maxkey-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java

@@ -150,12 +150,11 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
         
         OnlineTicket onlineTicket = new OnlineTicket(onlineTickitId);
         
-        
+        //set ONLINE_TICKET cookie
         WebContext.setCookie(WebContext.getResponse(), 
                 this.applicationConfig.getBaseDomainName(), 
                 WebConstants.ONLINE_TICKET_NAME, 
-                onlineTickitId, 
-                0);
+                onlineTickitId);
         
         SigninPrincipal signinPrincipal = new SigninPrincipal(userInfo);
         //set OnlineTicket

+ 13 - 1
maxkey-core/src/main/java/org/maxkey/web/WebContext.java

@@ -368,7 +368,7 @@ public final class WebContext {
             e.printStackTrace();
         }
         // 单位:秒
-        if(time > 0) {
+        if(time >= 0) {
             cookie.setMaxAge(time);
         }
         // 将Cookie添加到Response中,使之生效
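Review bot: Relaxing the guard to `if(time >= 0)` before `cookie.setMaxAge(time)` changes what `0` means for every existing caller of the five-argument `setCookie`. A call that passed 0 used to leave the max-age unset, giving a session cookie, and will now delete the cookie immediately. The caller in RealmAuthenticationProvider is updated in this commit, but any other callers are outside this diff and should be checked for a literal `0`. The unit comment above the guard could also state the contract, for example `// seconds; 0 deletes the cookie, a negative value leaves it as a session cookie`. The method body starts outside the hunk.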
@@ -376,6 +376,18 @@ public final class WebContext {
         return response;
     }
 
+    public static HttpServletResponse expiryCookie(
+            HttpServletResponse response, String domain ,String name, String value) {
+        WebContext.setCookie(response,domain,name, value,0);
+        return response;
+    }
+    
+    public static HttpServletResponse setCookie(
+            HttpServletResponse response, String domain ,String name, String value) {
+        WebContext.setCookie(response,domain,name, value,-1);
+        return response;
+    }
+
     /**
      * get Current Date,eg 2012-07-10.
      * 
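Review bot: The new `expiryCookie` and four-argument `setCookie` overloads have no Javadoc, and the `0` and `-1` they pass are the only place where "delete" and "session cookie" are decided. I would add a doc comment to each, for example `/** Deletes the cookie by re-sending it with max-age 0; domain and name must match the values used when it was set. */` and `/** Sets a session cookie (max-age -1, discarded when the browser exits). */`. The `value` parameter of `expiryCookie` has no effect on a cookie that is being deleted, so the Javadoc should say so, or callers could pass an empty string. Since the four-argument `setCookie` now carries the ONLINE_TICKET identifier for the base domain, it is also worth confirming that the five-argument method marks the cookie HttpOnly and Secure; most of its body is outside this hunk, so this cannot be checked here.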

+ 8 - 0
maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java

@@ -19,6 +19,7 @@ package org.maxkey.web.endpoint;
 
 import java.util.Iterator;
 import java.util.Set;
+import java.util.UUID;
 import java.util.Map.Entry;
 
 import javax.servlet.http.HttpServletRequest;
@@ -125,6 +126,13 @@ public class LogoutEndpoint {
             }
         }
  		onlineTicketServices.remove(onlineTicketId);
+ 		
+ 		//remove ONLINE_TICKET cookie
+ 		WebContext.expiryCookie(WebContext.getResponse(), 
+                this.applicationConfig.getBaseDomainName(), 
+                WebConstants.ONLINE_TICKET_NAME, 
+                UUID.randomUUID().toString());
+ 		
  		request.getSession().invalidate();
  		SecurityContextHolder.clearContext();