[#142] added Http.Cookie.defaultDomain to enable sharing session/cook…

…ies between multiple sub-domains
playframework · Mar 27, 2011 · 5d8d987 · 5d8d987
1 parent 1fe4f36
commit 5d8d987
Show file tree

Hide file tree

Showing 4 changed files with 48 additions and 0 deletions.
diff --git a/framework/src/play/Play.java b/framework/src/play/Play.java
@@ -17,6 +17,7 @@
 import play.exceptions.PlayException;
 import play.exceptions.UnexpectedException;
 import play.libs.IO;
+import play.mvc.Http;
 import play.mvc.Router;
 import play.plugins.PluginCollection;
 import play.templates.TemplateLoader;
@@ -281,6 +282,12 @@ public static void init(File root, String id) {
             Play.ctxPath = "";
         }
 
+        // Default cookie domain
+        Http.Cookie.defaultDomain = configuration.getProperty("application.defaultCookieDomain", null);
+        if (Http.Cookie.defaultDomain!=null) {
+            Logger.info("Using default cookie domain: " + Http.Cookie.defaultDomain);
+        }
+
         // Plugins
         pluginCollection.loadPlugins();
 

diff --git a/framework/src/play/mvc/Http.java b/framework/src/play/mvc/Http.java
@@ -115,6 +115,17 @@ public String toString() {
      */
     public static class Cookie implements Serializable {
 
+        /**
+         * When creating cookie without specifying domain,
+         * this value is used. Can be configured using
+         * the property 'application.defaultCookieDomain'
+         * in application.conf.
+         *
+         * This feature can be used to allow sharing
+         * session/cookies between multiple sub domains.
+         */
+        public static String defaultDomain = null;
+
         /**
          * Cookie name
          */
@@ -634,6 +645,8 @@ public void setCookie(String name, String value, String domain, String path, Int
                 cookie.httpOnly = httpOnly;
                 if (domain != null) {
                     cookie.domain = domain;
+                } else {
+                    cookie.domain = Cookie.defaultDomain;
                 }
                 if (maxAge != null) {
                     cookie.maxAge = maxAge;

diff --git a/framework/test-src/play/mvc/HttpResponseTest.java b/framework/test-src/play/mvc/HttpResponseTest.java
@@ -0,0 +1,20 @@
+package play.mvc;
+
+import org.junit.Test;
+import static org.fest.assertions.Assertions.assertThat;
+
+public class HttpResponseTest {
+
+    @Test
+    public void verifyDefaultCookieDomain() {
+        Http.Cookie.defaultDomain = null;
+        Http.Response response = new Http.Response();
+        response.setCookie("testCookie", "testValue");
+        assertThat(response.cookies.get("testCookie").domain).isNull();
+
+        Http.Cookie.defaultDomain = ".abc.com";
+        response = new Http.Response();
+        response.setCookie("testCookie", "testValue");
+        assertThat(response.cookies.get("testCookie").domain).isEqualTo(".abc.com");
+    }
+}
diff --git a/resources/application-skel/conf/application.conf b/resources/application-skel/conf/application.conf
@@ -44,6 +44,14 @@ date.format=yyyy-MM-dd
 # application.session.maxAge=1h
 # application.session.secure=false
 
+# Session/Cookie sharing between subdomain
+# ~~~~~~~~~~~~~~~~~~~~~~
+# By default a cookie is only valid for a specific domain. By setting
+# application.defaultCookieDomain to '.example.com', the cookies
+# will be valid for all domains ending with '.example.com', ie:
+# foo.example.com and bar.example.com
+# application.defaultCookieDomain=.example.com
+
 # JVM configuration
 # ~~~~~
 # Define which port is used by JPDA when application is in debug mode (default is set to 8000)