0041344: After HTTP Session timeout, new requests from Web POS cause the insertion of a record in AD_SESSION with username NULL

Anonymous | Login

Project:

News | My View | View Issues | Roadmap | Summary

View Revisions: Issue #41344		[ All Revisions ] [ Back to Issue ]
Summary	0041344: After HTTP Session timeout, new requests from Web POS cause the insertion of a record in AD_SESSION with username NULL

Revision	2019-07-31 15:46 by alostale
Description	The AuthenticationManager in use is: ->org.openbravo.authentication.AuthenticationManager -->org.openbravo.authentication.basic.DefaultAuthenticationManager ---> org.openbravo.mobile.core.authenticate.MobileKeyAuthenticationManager ----> org.openbravo.retail.alerting.authenticate.AlertingAuthenticationManager Change set versions: core: a4a442cd90a4 module org.openbravo.mobile.core: 558f27c4e7b9 module org.openbravo.retail.alerting: a7f0636d29d7 If the HTTP Session timeout in Tomcat or the load balancer is shorter than the time it takes for Web POS to lock the terminal. Whenever the session has expired, any new request from Web POS will fail, but a new record will be created in AD_SESSION with the following characteristics: 1. The field 'username' is null 2. The field 'login_status' is 'S' instead of 'OBPOS_POS' 3. The field 'em_obpos_store_org_id' is null 4. The field 'websession' has a different value from the original session record 4. Other relevant fields have the same information, including 'em_obpos_applications_id' Note this issue is reproducible also with MobileKeyAuthenticationManager

Revision	2019-07-31 15:41 by alostale
Description	The AuthenticationManager in use is: ->org.openbravo.authentication.AuthenticationManager -->org.openbravo.authentication.basic.DefaultAuthenticationManager ---> org.openbravo.mobile.core.authenticate.MobileKeyAuthenticationManager ----> org.openbravo.retail.alerting.authenticate.AlertingAuthenticationManager Change set versions: core: a4a442cd90a4 module org.openbravo.mobile.core: 558f27c4e7b9 module org.openbravo.retail.alerting: a7f0636d29d7 If the HTTP Session timeout in Tomcat or the load balancer is shorter than the time it takes for Web POS to lock the terminal. Whenever the session has expired, any new request from Web POS will fail, but a new record will be created in AD_SESSION with the following characteristics: 1. The field 'username' is null 2. The field 'login_status' is 'S' instead of 'OBPOS_POS' 3. The field 'em_obpos_store_org_id' is null 4. The field 'websession' has a different value from the original session record 4. Other relevant fields have the same information, including 'em_obpos_applications_id'