benlucchesi
commented
9 years ago Hey Anthony,
What's the intention of this update? getting it to compile under grails 2.4.4?
Is there a compatibility problem between the plugin and grails 2.4.4?
-ben
Closed kwongpan closed 1 year ago
benlucchesi
commented
9 years ago Hey Anthony,
What's the intention of this update? getting it to compile under grails 2.4.4?
Is there a compatibility problem between the plugin and grails 2.4.4?
-ben
kwongpan
commented
9 years ago The purpose for the pull request is to fix a small bug in CookieSessionRepository on line 78 to 79. It should be the following. if( servletContext?.majorVersion >= 3 ) useSessionCookieConfig = true
The plugin work well in Grails 2.4.4 even without upgrade the plugin to compile with Grails 2.4.4.
kwongpan
commented
9 years ago I found that if I use "AES/CTR/NoPadding" as cryptoalgorithm and have more than 16 chars for the "grails.plugin.cookiesession.secret", I will get an error when running the application.
Searching on stackoverflow, I found that it is possible to use more than 16 chars for the cookie if you install the crypto extension on the box (http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html).
In a Scala Play application, when creating a new application, it has more than 16 chars for the application secret. If you don't have the crypto extension install on the box, it only take the max allowed key length for the secret key. Here is how they make the check. (https://github.com/playframework/playframework/blob/master/framework/src/play/src/main/scala/play/api/libs/Crypto.scala#L448)
double16
commented
6 years ago
... 2.4.4