Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0023135Openbravo ERPA. Platformpublic2013-02-21 10:322013-03-01 13:52
Reporteralostale 
Assigned Toalostale 
PrioritynormalSeveritymajorReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target Version3.0MP21Fixed in Version 
Merge Request Status
Review Assigned Tomarvintm
OBNetwork customerNo
Web browser
ModulesCore
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary0023135: Bypass authentication resources create sessions
DescriptionComponents that are marked to bypass authentication, create a System session.
Steps To ReproduceWithout being logged in the application request a non authenticated resource (such as POS' libraries), check after this request the browser has an active system session.
Proposed SolutionAfter request invalidate session in case it was created just for this resource.
Additional Information
Tagsmobile
Relationships
related to feature request 0021508 closed marvintm Components require the user to be logged in to work correctly 
related to design defect 00231343.0MP21 closed alostale StyleSheet components should bypass authentication 
related to defect 00233093.0MP22 closed alostale POS redirected to Openbravo login page 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2013-02-21 10:32alostaleNew Issue
2013-02-21 10:32alostaleAssigned To => alostale
2013-02-21 10:32alostaleModules => Core
2013-02-21 10:32alostaleOBNetwork customer => No
2013-02-21 10:32alostaleTriggers an Emergency Pack => No
2013-02-21 10:32alostaleRelationship addedrelated to 0021508
2013-02-21 10:32alostaleRelationship addedrelated to 0023134
2013-02-21 10:33alostaleTag Attached: mobile
2013-02-21 10:33alostaleReview Assigned To => marvintm
2013-02-21 10:54hgbotCheckin
2013-02-21 10:54hgbotNote Added: 0056674
2013-02-21 10:54hgbotStatusnew => resolved
2013-02-21 10:54hgbotResolutionopen => fixed
2013-02-21 10:54hgbotFixed in SCM revision => http://code.openbravo.com/erp/devel/pi/rev/0d32601d024353b3579b735cddcfcfef323b00fc [^]
2013-02-22 07:57hudsonbotCheckin
2013-02-22 07:57hudsonbotNote Added: 0056712
2013-03-01 13:52marvintmStatusresolved => closed
2013-03-14 15:31alostaleRelationship addedrelated to 0023309

Notes
(0056674)
hgbot   
2013-02-21 10:54   
Repository: erp/devel/pi
Changeset: 0d32601d024353b3579b735cddcfcfef323b00fc
Author: Asier Lostalé <asier.lostale <at> openbravo.com>
Date: Thu Feb 21 10:43:08 2013 +0100
URL: http://code.openbravo.com/erp/devel/pi/rev/0d32601d024353b3579b735cddcfcfef323b00fc [^]

fixed issue 23135: Bypass authentication resources create sessions

---
M modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelServlet.java
M src/org/openbravo/base/secureApp/HttpSecureAppServlet.java
---
(0056712)
hudsonbot   
2013-02-22 07:57   
A changeset related to this issue has been promoted main and to the
Central Repository, after passing a series of tests.

Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/b99c43bfb674 [^]

Maturity status: Test