Openbravo Issue Tracking System - Openbravo ERP |
| View Issue Details |
|
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0038051 | Openbravo ERP | A. Platform | public | 2018-03-06 10:47 | 2018-03-12 18:27 |
|
| Reporter | gorkaion | |
| Assigned To | alostale | |
| Priority | immediate | Severity | major | Reproducibility | always |
| Status | closed | Resolution | fixed | |
| Platform | | OS | 5 | OS Version | |
| Product Version | | |
| Target Version | | Fixed in Version | 3.0PR18Q2 | |
| Merge Request Status | |
| Review Assigned To | caristu |
| OBNetwork customer | |
| Web browser | |
| Modules | Core |
| Support ticket | |
| Regression level | Production - Confirmed Stable |
| Regression date | 2017-04-12 |
| Regression introduced in release | 3.0PR17Q3 |
| Regression introduced by commit | https://code.openbravo.com/erp/devel/pi/rev/c17655a6fb3ffb29cdd5d73073615ba9d60cd941 [^] |
| Triggers an Emergency Pack | No |
|
| Summary | 0038051: Prevents concurrent sessions for same user not working |
| Description | With the system configured to allow one session per user. When a second session is opened a confirmation popup is opened to kill previous sessions, if OK is pressed a white page with the following json is shown instead of log in into the backend.
{"showMessage":true,"messageType":"Error","messageTitle":"Please try again.","messageText":"Invalid user name or password."} |
| Steps To Reproduce | 1 Configure the openbravo properties to allow only one session per user by changing the property login.limit.user.session value to true.
2 Restart tomcat and log in to the backedn with user Openbravo.
3 On a different browser or hostname try to log in again with user Openbravo.
4 Check that the concurrent session popup is shown but if OK is pressed the white page appears. |
| Proposed Solution | |
| Additional Information | |
| Tags | No tags attached. |
| Relationships | | depends on | backport | 0038057 | 3.0PR18Q1.1 | closed | alostale | Prevents concurrent sessions for same user not working | | depends on | backport | 0038058 | 3.0PR17Q4.2 | closed | alostale | Prevents concurrent sessions for same user not working | | caused by | feature request | 0035553 | | closed | caristu | Improve scalability of the login process |
|
| Attached Files | |
|
| Issue History |
| Date Modified | Username | Field | Change |
| 2018-03-06 10:47 | gorkaion | New Issue | |
| 2018-03-06 10:47 | gorkaion | Assigned To | => platform |
| 2018-03-06 10:47 | gorkaion | Modules | => Core |
| 2018-03-06 10:47 | gorkaion | Resolution time | => 1522101600 |
| 2018-03-06 10:47 | gorkaion | Regression level | => Production - Confirmed Stable |
| 2018-03-06 10:47 | gorkaion | Triggers an Emergency Pack | => No |
| 2018-03-06 13:46 | alostale | Relationship added | caused by 0035553 |
| 2018-03-06 13:48 | alostale | Regression date | => 2017-04-12 |
| 2018-03-06 13:48 | alostale | Regression introduced in release | => 3.0PR17Q3 |
| 2018-03-06 13:48 | alostale | Regression introduced by commit | => https://code.openbravo.com/erp/devel/pi/rev/c17655a6fb3ffb29cdd5d73073615ba9d60cd941 [^] |
| 2018-03-06 13:48 | alostale | Severity | critical => major |
| 2018-03-06 14:04 | alostale | Assigned To | platform => alostale |
| 2018-03-06 14:04 | alostale | Review Assigned To | => caristu |
| 2018-03-06 14:05 | alostale | Status | new => scheduled |
| 2018-03-06 14:40 | alostale | Note Added: 0103028 | |
| 2018-03-07 09:06 | hgbot | Checkin | |
| 2018-03-07 09:06 | hgbot | Note Added: 0103053 | |
| 2018-03-07 09:06 | hgbot | Status | scheduled => resolved |
| 2018-03-07 09:06 | hgbot | Resolution | open => fixed |
| 2018-03-07 09:06 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/devel/pi/rev/47941073c4da09c262f06f546bc6c41307262184 [^] |
| 2018-03-07 15:41 | hudsonbot | Checkin | |
| 2018-03-07 15:41 | hudsonbot | Note Added: 0103065 | |
| 2018-03-12 16:27 | joniturralde93 | Issue Monitored: joniturralde93 | |
| 2018-03-12 18:27 | caristu | Note Added: 0103165 | |
| 2018-03-12 18:27 | caristu | Status | resolved => closed |
| 2018-03-12 18:27 | caristu | Fixed in Version | => 3.0PR18Q2 |
|
Notes |
|
|
|
|
|
|
(0103053)
|
|
hgbot
|
|
2018-03-07 09:06
|
|
Repository: erp/devel/pi
Changeset: 47941073c4da09c262f06f546bc6c41307262184
Author: Asier Lostalé <asier.lostale <at> openbravo.com>
Date: Tue Mar 06 14:10:50 2018 +0100
URL: http://code.openbravo.com/erp/devel/pi/rev/47941073c4da09c262f06f546bc6c41307262184 [^]
fixed bug 38051: prevents concurrent sessions for same user not working
When login.limit.user.session is enabled, only one session per named user is
allowed. In case there is another session for the same user that's currently
logging in, a confirmation message appears to tell the user other session will
be cancelled.
After confirmation, login should be completed, but it failed displaying a blank
page.
The problem was caused because instead of resending a POST request to complete
login, a GET without param values was sent to LoginHandler.
Now it is fixed, in case of accepeted confirmation diagog, login will be sent
again.
---
M src/org/openbravo/base/secureApp/LoginHandler.java
M src/org/openbravo/erpCommon/security/Login.html
M web/js/login.js
M web/js/utils.js
---
|
|
|
|
|
|
|
|
|
|
Code reviewed + tested OK. |
|