Openbravo Issue Tracking System - Openbravo ERP | ||||||||||||
View Issue Details | ||||||||||||
ID | Project | Category | View Status | Date Submitted | Last Update | |||||||
0037929 | Openbravo ERP | A. Platform | public | 2018-02-15 12:04 | 2018-02-20 13:21 | |||||||
Reporter | alostale | |||||||||||
Assigned To | alostale | |||||||||||
Priority | immediate | Severity | minor | Reproducibility | have not tried | |||||||
Status | closed | Resolution | fixed | |||||||||
Platform | OS | 5 | OS Version | |||||||||
Product Version | ||||||||||||
Target Version | 3.0PR18Q1 | Fixed in Version | 3.0PR18Q1 | |||||||||
Merge Request Status | ||||||||||||
Review Assigned To | caristu | |||||||||||
OBNetwork customer | ||||||||||||
Web browser | ||||||||||||
Modules | Core | |||||||||||
Support ticket | ||||||||||||
Regression level | Production - Confirmed Stable | |||||||||||
Regression date | 2016-05-02 | |||||||||||
Regression introduced in release | 3.0PR17Q3 | |||||||||||
Regression introduced by commit | http://code.openbravo.com/erp/pmods/org.openbravo.mobile.core/rev/0bd874e354593cfb98d714cf2e0dd54e4864295b [^] | |||||||||||
Triggers an Emergency Pack | No | |||||||||||
Summary | 0037929: sys admin sessions created after reaching CU limit are not automatically kicked out | |||||||||||
Description | After concurrent users limit is reached, only users with System Admin role are allowed to log in the application. When this limit is reached, before rejecting new logins, it is checked if there are logged in session that were inactive for the last 2 minutes and if so they are kicked out so log in is accepted. System Admin sessions created in this situation are not automatically kicked out, so they only get deactivated releasing its CU after manual log out or after Tomcat timeout. They should be kicked out also if they were inactive for 2 minutes. | |||||||||||
Steps To Reproduce | In an instance activated with 1 CU limit: 1. Log in with Openbravo user (session 1) 2. In another browser log in with Openbravo user (session 2) -> Warn about CU limit reached is displayed, but log in is allowed with only access to System Admin role 3. Without logging out, close browsers with session 1 and 2 4. Wait 3 minutes 5. Log in with a user that has NO access to System Admin -> ERROR: Login is rejected EXPECTED: Login should be allowed because sessions 1 and 2 should have been kicked out because they were inactive for more than 2 minutes | |||||||||||
Proposed Solution | ||||||||||||
Additional Information | ||||||||||||
Tags | No tags attached. | |||||||||||
Relationships |
| |||||||||||
Attached Files | ||||||||||||
Issue History | ||||||||||||
Date Modified | Username | Field | Change | |||||||||
2018-02-15 12:11 | alostale | Type | defect => backport | |||||||||
2018-02-15 12:11 | alostale | Target Version | => 3.0PR18Q1 | |||||||||
2018-02-15 13:04 | hgbot | Checkin | ||||||||||
2018-02-15 13:04 | hgbot | Note Added: 0102436 | ||||||||||
2018-02-15 13:04 | hgbot | Status | scheduled => resolved | |||||||||
2018-02-15 13:04 | hgbot | Resolution | open => fixed | |||||||||
2018-02-15 13:04 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/backports/3.0PR18Q1/rev/4306e87ae836caaf0fd36216986dae3c960d727a [^] | |||||||||
2018-02-20 13:21 | caristu | Review Assigned To | AugustoMauch => caristu | |||||||||
2018-02-20 13:21 | caristu | Note Added: 0102526 | ||||||||||
2018-02-20 13:21 | caristu | Status | resolved => closed | |||||||||
2018-02-20 13:21 | caristu | Fixed in Version | => 3.0PR18Q1 |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|