From 992937b7cf453ce6cc232e16eb6c62cb169604a2 Mon Sep 17 00:00:00 2001
From: Pearl Dsilva <pearl.dsilva@shapeblue.com>
Date: Tue, 23 Jun 2020 15:27:33 +0530
Subject: [PATCH] Fix issue b/w Legacy and Primate UI wrt SessionID

---
 .../main/java/com/cloud/api/ApiServlet.java    | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/server/src/main/java/com/cloud/api/ApiServlet.java b/server/src/main/java/com/cloud/api/ApiServlet.java
index 4002ff8d99b1..c86ea9593716 100644
--- a/server/src/main/java/com/cloud/api/ApiServlet.java
+++ b/server/src/main/java/com/cloud/api/ApiServlet.java
@@ -25,6 +25,7 @@
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.stream.Collectors;
 
 import javax.inject.Inject;
 import javax.servlet.ServletConfig;
@@ -50,7 +51,6 @@
 import com.cloud.user.Account;
 import com.cloud.user.AccountService;
 import com.cloud.user.User;
-
 import com.cloud.utils.HttpUtils;
 import com.cloud.utils.StringUtils;
 import com.cloud.utils.db.EntityManager;
@@ -259,6 +259,22 @@ void processRequestInContext(final HttpServletRequest req, final HttpServletResp
                 userId = (Long)session.getAttribute("userid");
                 final String account = (String) session.getAttribute("account");
                 final Object accountObj = session.getAttribute("accountobj");
+                if (session.getAttribute(ApiConstants.SESSIONKEY) != null) {
+                    Cookie[] cookies = req.getCookies();
+                    if (cookies != null) {
+                        HttpSession finalSession = session;
+                        List<Cookie> sessionKeys = Arrays.stream(cookies).filter(cookie ->  cookie.getName().equals(ApiConstants.SESSIONKEY)
+                                && cookie.getValue().equals(finalSession.getAttribute(ApiConstants.SESSIONKEY))).collect(Collectors.toList());
+                        Cookie validCookie = sessionKeys.get(0);
+                        for (Cookie cookie : cookies) {
+                            if (cookie.getName().equals(ApiConstants.SESSIONKEY)) {
+                                if (cookie.getValue() != null && !cookie.getValue().equals(validCookie.getValue())) {
+                                    cookie.setValue((String) validCookie.getValue());
+                                }
+                            }
+                        }
+                    }
+                }
                 if (!HttpUtils.validateSessionKey(session, params, req.getCookies(), ApiConstants.SESSIONKEY)) {
                     try {
                         session.invalidate();