Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0037928Openbravo ERPA. Platformpublic2018-02-15 12:042018-03-05 17:51
Reporteralostale 
Assigned Toalostale 
PriorityimmediateSeverityminorReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target VersionFixed in Version3.0PR18Q2 
Merge Request Status
Review Assigned ToAugustoMauch
OBNetwork customer
Web browser
ModulesCore
Support ticket
Regression levelProduction - Confirmed Stable
Regression date2016-05-02
Regression introduced in release3.0PR17Q3
Regression introduced by commithttp://code.openbravo.com/erp/pmods/org.openbravo.mobile.core/rev/0bd874e354593cfb98d714cf2e0dd54e4864295b [^]
Triggers an Emergency PackNo
Summary0037928: sys admin sessions created after reaching CU limit are not automatically kicked out
DescriptionAfter concurrent users limit is reached, only users with System Admin role are allowed to log in the application.

When this limit is reached, before rejecting new logins, it is checked if there are logged in session that were abandoned for the last 2 minutes and if so they are kicked out so log in is accepted.

System Admin sessions created in this situation are not automatically kicked out, so they only get deactivated releasing its CU after manual log out or after Tomcat timeout. They should be kicked out also if they were inactive for 2 minutes.
Steps To ReproduceIn an instance activated with 1 CU limit:

1. Log in with Openbravo user (session 1)
2. In another browser log in with Openbravo user (session 2)
   -> Warn about CU limit reached is displayed, but log in is allowed with only access to System Admin role
3. Without logging out, close browsers with session 1 and 2
4. Wait 3 minutes
5. Log in with a user that has NO access to System Admin
   -> ERROR: Login is rejected
      EXPECTED: Login should be allowed because sessions 1 and 2 should have been kicked out because they were abandoned for more than 2 minutes
Proposed Solution
Additional Information
TagsNo tags attached.
Relationships
related to defect 0037899 closed alostale Session in POS can prevent an ERP session (which counts for concurrent user limit) from being closed 
depends on backport 00379293.0PR18Q1 closed alostale sys admin sessions created after reaching CU limit are not automatically kicked out 
depends on backport 00379303.0PR17Q4.2 closed alostale sys admin sessions created after reaching CU limit are not automatically kicked out 
caused by feature request 0032821 closed platform Mobile Core. Reinforce CU Licensing 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2018-02-15 12:04alostaleNew Issue
2018-02-15 12:04alostaleAssigned To => alostale
2018-02-15 12:04alostaleModules => Core
2018-02-15 12:04alostaleRegression level => Production - Confirmed Stable
2018-02-15 12:04alostaleRegression date => 2016-05-02
2018-02-15 12:04alostaleRegression introduced in release => 3.0PR17Q3
2018-02-15 12:04alostaleRegression introduced by commit => http://code.openbravo.com/erp/pmods/org.openbravo.mobile.core/rev/0bd874e354593cfb98d714cf2e0dd54e4864295b [^]
2018-02-15 12:04alostaleTriggers an Emergency Pack => No
2018-02-15 12:05alostaleRelationship addedcaused by 0032821
2018-02-15 12:05alostaleRelationship addedrelated to 0037899
2018-02-15 12:06alostaleReview Assigned To => AugustoMauch
2018-02-15 12:10alostalePrioritynormal => immediate
2018-02-15 12:11alostaleStatusnew => scheduled
2018-02-15 12:30alostaleDescription Updatedbug_revision_view_page.php?rev_id=16701#r16701
2018-02-15 12:30alostaleSteps to Reproduce Updatedbug_revision_view_page.php?rev_id=16703#r16703
2018-02-15 13:02hgbotCheckin
2018-02-15 13:02hgbotNote Added: 0102435
2018-02-15 13:02hgbotStatusscheduled => resolved
2018-02-15 13:02hgbotResolutionopen => fixed
2018-02-15 13:02hgbotFixed in SCM revision => http://code.openbravo.com/erp/devel/pi/rev/037253b579a337bfe9fe35572b010058504d9078 [^]
2018-02-22 18:19hudsonbotCheckin
2018-02-22 18:19hudsonbotNote Added: 0102765
2018-03-05 17:51AugustoMauchNote Added: 0102994
2018-03-05 17:51AugustoMauchStatusresolved => closed
2018-03-05 17:51AugustoMauchFixed in Version => 3.0PR18Q2

Notes
(0102435)
hgbot   
2018-02-15 13:02   
Repository: erp/devel/pi
Changeset: 037253b579a337bfe9fe35572b010058504d9078
Author: Asier Lostalé <asier.lostale <at> openbravo.com>
Date: Thu Feb 15 13:01:08 2018 +0100
URL: http://code.openbravo.com/erp/devel/pi/rev/037253b579a337bfe9fe35572b010058504d9078 [^]

fixed bug 37928: sys admin CUR sessions are not automatically kicked out

  System Admin CUR session (created when CU limit is reached), consume CU but
  were not kicked out after inactivity period before rejecting other logins.

  Fixed by including CUR sessions in the ones that are automatically always
  killed if no ping is detected for 2 minutes.

---
M src/org/openbravo/erpCommon/ad_process/HeartbeatProcess.java
M src/org/openbravo/erpCommon/obps/ActivationKey.java
---
(0102765)
hudsonbot   
2018-02-22 18:19   
A changeset related to this issue has been promoted main and to the
Central Repository, after passing a series of tests.

Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/980a6ad5bbf5 [^]
Maturity status: Test
(0102994)
AugustoMauch   
2018-03-05 17:50   
Code reviewed and verified