Openbravo Issue Tracking System - Openbravo ERP |
| View Issue Details |
|
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0020704 | Openbravo ERP | A. Platform | public | 2012-06-07 17:13 | 2012-06-27 19:43 |
|
| Reporter | iperdomo | |
| Assigned To | iperdomo | |
| Priority | urgent | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | |
| Platform | | OS | 5 | OS Version | |
| Product Version | pi | |
| Target Version | pi | Fixed in Version | 3.0MP13 | |
| Merge Request Status | |
| Review Assigned To | |
| OBNetwork customer | No |
| Web browser | Google Chrome |
| Modules | Core |
| Support ticket | |
| Regression level | |
| Regression date | |
| Regression introduced in release | |
| Regression introduced by commit | |
| Triggers an Emergency Pack | No |
|
| Summary | 0020704: An restricted resource should be able to define a custom login URL |
| Description | When a user tries to access a authentication-restricted resource, the AuthenticationManager kicks in, and if the user is not authenticated; he gets redirected to the default login window. |
| Steps To Reproduce | * Try to access a resouce like /web/org.openbravo.retail.posterminal
* You'll get redirected to the default login window |
| Proposed Solution | * Before the authentication process, the resource should be able to define a custom url as request attribute.
* The DefaultAuthenticationManager will check if this attribute exist and redirecto to the custom login, otherwise it will redirect to the default one |
| Additional Information | |
| Tags | No tags attached. |
| Relationships | |
| Attached Files | |
|
| Issue History |
| Date Modified | Username | Field | Change |
| 2012-06-07 17:13 | iperdomo | New Issue | |
| 2012-06-07 17:13 | iperdomo | Assigned To | => iperdomo |
| 2012-06-07 17:13 | iperdomo | Web browser | => Google Chrome |
| 2012-06-07 17:13 | iperdomo | Modules | => Core |
| 2012-06-07 17:13 | iperdomo | OBNetwork customer | => No |
| 2012-06-07 17:13 | iperdomo | Status | new => scheduled |
| 2012-06-07 17:13 | iperdomo | fix_in_branch | => pi |
| 2012-06-07 17:33 | hgbot | Checkin | |
| 2012-06-07 17:33 | hgbot | Note Added: 0049683 | |
| 2012-06-07 17:33 | hgbot | Checkin | |
| 2012-06-07 17:33 | hgbot | Note Added: 0049684 | |
| 2012-06-07 17:33 | hgbot | Status | scheduled => resolved |
| 2012-06-07 17:33 | hgbot | Resolution | open => fixed |
| 2012-06-07 17:33 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/devel/pi/rev/3a2b4541f8469cf027fe5731b748fd1481ed0c72 [^] |
| 2012-06-07 17:38 | hgbot | Checkin | |
| 2012-06-07 17:38 | hgbot | Note Added: 0049686 | |
| 2012-06-07 17:38 | hgbot | Fixed in SCM revision | http://code.openbravo.com/erp/devel/pi/rev/3a2b4541f8469cf027fe5731b748fd1481ed0c72 [^] => http://code.openbravo.com/erp/devel/pi/rev/bd6232d1c4306d293529e35d856b63577deab808 [^] |
| 2012-06-07 19:06 | hgbot | Checkin | |
| 2012-06-07 19:06 | hgbot | Note Added: 0049689 | |
| 2012-06-27 19:43 | AugustoMauch | Note Added: 0050197 | |
| 2012-06-27 19:43 | AugustoMauch | Status | resolved => closed |
| 2012-06-27 19:43 | AugustoMauch | Fixed in Version | => 3.0MP13 |
|
Notes |
|
|
(0049683)
|
|
hgbot
|
|
2012-06-07 17:33
|
|
Repository: erp/devel/pi
Changeset: d208166ae5e5197e9fe949b4ed90422a00c1ad3d
Author: Iván Perdomo <ivan.perdomo <at> openbravo.com>
Date: Thu Jun 07 17:30:02 2012 +0200
URL: http://code.openbravo.com/erp/devel/pi/rev/d208166ae5e5197e9fe949b4ed90422a00c1ad3d [^]
Issue 20704: Code improvements in authentication header
- There is no need to create a HttpBaseServlet object as the jsp itself has the
required methods used by the AuthenticationManager
- There is no need to call the init, since getAuthenticationManager calls it implicitly
---
M src/index.jsp
---
|
|
|
|
(0049684)
|
|
hgbot
|
|
2012-06-07 17:33
|
|
Repository: erp/devel/pi
Changeset: 3a2b4541f8469cf027fe5731b748fd1481ed0c72
Author: Iván Perdomo <ivan.perdomo <at> openbravo.com>
Date: Thu Jun 07 17:31:22 2012 +0200
URL: http://code.openbravo.com/erp/devel/pi/rev/3a2b4541f8469cf027fe5731b748fd1481ed0c72 [^]
Fixes issue 20704: Improvements in AuthenticationManger
- The authenticate() method of the DefaultAuthenticationManager will check if a
"loginURL" attribute is present in the request and use if for redirecting the user,
otherwise it will use the default login url
---
M src/org/openbravo/authentication/AuthenticationManager.java
---
|
|
|
|
(0049686)
|
|
hgbot
|
|
2012-06-07 17:38
|
|
Repository: erp/devel/pi
Changeset: bd6232d1c4306d293529e35d856b63577deab808
Author: Iván Perdomo <ivan.perdomo <at> openbravo.com>
Date: Thu Jun 07 17:36:13 2012 +0200
URL: http://code.openbravo.com/erp/devel/pi/rev/bd6232d1c4306d293529e35d856b63577deab808 [^]
Fixes issue 20704: Added missing init() call
- When handling the exception of, the flow falls back to the DefaultAuthenticationManager,
we need to always call the init method to ensure proper initialization
---
M src/org/openbravo/authentication/AuthenticationManager.java
---
|
|
|
|
(0049689)
|
|
hgbot
|
|
2012-06-07 19:06
|
|
Repository: erp/devel/pi
Changeset: 7c643865432a576e4a86bbb0a8aeb2d7fbcceed4
Author: Iván Perdomo <ivan.perdomo <at> openbravo.com>
Date: Thu Jun 07 19:04:43 2012 +0200
URL: http://code.openbravo.com/erp/devel/pi/rev/7c643865432a576e4a86bbb0a8aeb2d7fbcceed4 [^]
Issue 20704: Restore removed code
- The template of Openbravo.properties has the property authentication.class=
that is not the same of null (not defined)
- If we remove this code, every instance using the default template will get an
exception when login since it will try to create a new instance of an empty string
---
M src/org/openbravo/authentication/AuthenticationManager.java
---
|
|
|
|
|
|
Code reviewed and verified in pi@7ada3b41a87a |
|