checkSession.jsp revision 3547063d010b485922e56e2fe43f2f3cde2e710a
d81f6d00c343633159fc5ea08599d145135612c0ludovicp * DO NOT REMOVE COPYRIGHT NOTICES OR THIS HEADER.
d81f6d00c343633159fc5ea08599d145135612c0ludovicp * Copyright (c) 2013 ForgeRock AS All rights reserved.
d81f6d00c343633159fc5ea08599d145135612c0ludovicp * The contents of this file are subject to the terms
d81f6d00c343633159fc5ea08599d145135612c0ludovicp * of the Common Development and Distribution License
d81f6d00c343633159fc5ea08599d145135612c0ludovicp * (the License). You may not use this file except in
d81f6d00c343633159fc5ea08599d145135612c0ludovicp * compliance with the License.
d81f6d00c343633159fc5ea08599d145135612c0ludovicp * You can obtain a copy of the License at
d81f6d00c343633159fc5ea08599d145135612c0ludovicp * See the License for the specific language governing
d81f6d00c343633159fc5ea08599d145135612c0ludovicp * permission and limitations under the License.
d81f6d00c343633159fc5ea08599d145135612c0ludovicp * When distributing Covered Code, include this CDDL
d81f6d00c343633159fc5ea08599d145135612c0ludovicp * Header Notice in each file and include the License file
ff6286a9aeb144fa2ea2e61668eb86716a7d6117ludo * If applicable, add the following below the CDDL Header,
ff6286a9aeb144fa2ea2e61668eb86716a7d6117ludo * with the fields enclosed by brackets [] replaced by
ff6286a9aeb144fa2ea2e61668eb86716a7d6117ludo * your own identifying information:
ff6286a9aeb144fa2ea2e61668eb86716a7d6117ludo * "Portions copyright [year] [name of copyright owner]"
<%@ page import="org.forgerock.openam.oauth2.openid.CheckSessionImpl" %>
<%@ page import="org.forgerock.openam.oauth2.openid.CheckSession" %>
<%@ page import="org.owasp.esapi.ESAPI" %>
String cookieName = checkSession.getCookieName();
String clientSessionURI = checkSession.getClientSessionURI(request);
Boolean validSession = checkSession.getValidSession(request);
<script src="../../js/sha256.js"></script>
<script type="text/javascript">
window.addEventListener("message", receiveMessage, false);
data = e.data.split(' ');
var clientURI = "<%=ESAPI.encoder().encodeForJavaScript(clientSessionURI)%>";
if (e.origin !== clientURI){
var cookieName = "<%=ESAPI.encoder().encodeForJavaScript(cookieName)%>" + "=";
var cookies = document.cookie+";";
var cookieStart = cookies.indexOf(cookieName);
var end = cookies.indexOf(";", cookieStart);