Closed kwongpan closed 1 year ago
Hey Anthony,
What's the intention of this update? getting it to compile under grails 2.4.4?
Is there a compatibility problem between the plugin and grails 2.4.4?
-ben
The purpose for the pull request is to fix a small bug in CookieSessionRepository on line 78 to 79. It should be the following. if( servletContext?.majorVersion >= 3 ) useSessionCookieConfig = true
The plugin work well in Grails 2.4.4 even without upgrade the plugin to compile with Grails 2.4.4.
I found that if I use "AES/CTR/NoPadding" as cryptoalgorithm and have more than 16 chars for the "grails.plugin.cookiesession.secret", I will get an error when running the application.
Searching on stackoverflow, I found that it is possible to use more than 16 chars for the cookie if you install the crypto extension on the box (http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html).
In a Scala Play application, when creating a new application, it has more than 16 chars for the application secret. If you don't have the crypto extension install on the box, it only take the max allowed key length for the secret key. Here is how they make the check. (https://github.com/playframework/playframework/blob/master/framework/src/play/src/main/scala/play/api/libs/Crypto.scala#L448)
... 2.4.4