Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0040454 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| defect | [Openbravo ERP] A. Platform | minor | always | 2019-03-26 12:23 | 2019-05-03 09:22 | |||
| Reporter | caristu | View Status | public | |||||
| Assigned To | caristu | |||||||
| Priority | immediate | Resolution | fixed | Fixed in Version | ||||
| Status | closed | Fix in branch | Fixed in SCM revision | 0441ef6e8ffd | ||||
| Projection | none | ETA | none | Target Version | ||||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | SCM revision | |||||||
| Merge Request Status | ||||||||
| Review Assigned To | alostale | |||||||
| OBNetwork customer | No | |||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Support ticket | ||||||||
| Regression level | Packaging and release | |||||||
| Regression date | 2018-10-18 | |||||||
| Regression introduced in release | 3.0PR19Q1 | |||||||
| Regression introduced by commit | https://code.openbravo.com/erp/devel/pi/rev/43a7e93a946d76de69bb30b066d41a6647508b30 [^] | |||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0040454: CSRF Token Error after executing Copy Store Process | |||||||
| Description | A wrong CSRF Token Error is received after executing Copy Store Process. It seems that after executing that process the session token is changed. See the error retrieved in the log: ... ERROR org.openbravo.service.datasource.DataSourceServlet - CSRF token check failed. Request=/retail_modules_pgsql_pi/org.openbravo.service.datasource/Organization, SessionID=8320D7B725AA96EDBC81E394718D94EB, SessionToken=D2CDD6FF000745EC89E6CD81BC4E1DF6, RequestToken=6A2759CF82CC4390B179CDE8C9FD55EA 2019-03-26 12:43:44,792 [ajp-bio-127.0.0.1-8009-exec-90] ERROR org.openbravo.service.datasource.DataSourceServlet - InvalidCSRFToken org.openbravo.client.kernel.OBUserException: InvalidCSRFToken at org.openbravo.service.datasource.DataSourceServlet.checkCsrfToken(DataSourceServlet.java:939) [DataSourceServlet.class:?] ... | |||||||
| Steps To Reproduce | 0) Use an environment with the Retail pack + Copy Store module 1) Login as White Valley Group Admin 2) Open the [Organization] window 3) Open the "Copy Retail Store" process and execute it 4) Go back to the [Organization] window and try to edit a record. Note that is not possible because of the CSRF Token Error (see attached image) | |||||||
| Tags | No tags attached. | |||||||
| Attached Files |  csrfTokenError.png [^] (79,202 bytes) 2019-03-26 12:23
| |||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
||||||||
|
||||||||
 Relationships |
|
Notes |
|
|
(0110670) hgbot (developer) 2019-03-27 09:02 |
Repository: erp/pmods/org.openbravo.retail.copystore Changeset: f740efe4f91425e42d3a0a413e8d9ba5173d39a5 Author: Carlos Aristu <carlos.aristu <at> openbravo.com> Date: Wed Mar 27 08:58:48 2019 +0100 URL: http://code.openbravo.com/erp/pmods/org.openbravo.retail.copystore/rev/f740efe4f91425e42d3a0a413e8d9ba5173d39a5 [^] fixes issue 40454: CSRF Token Error after executing Copy Store Process The Copy Store process refreshes the session values to take into account the newly created organization (store). To do so, it invokes LoginUtils.fillSessionArguments which also sets in session a new value for the CSRF token which caused the issue. To avoid this problem we restore the old CSRF token in session after invoking fillSessionArguments in the Copy Store process. --- M src/org/openbravo/retail/copystore/process/CopyStoreProcess.java --- |
|
(0110915) alostale (viewer) 2019-03-29 09:03 |
reviewed + tested |
|
(0111404) hgbot (developer) 2019-04-30 19:00 |
Repository: erp/pmods/org.openbravo.retail.copystore Changeset: 0441ef6e8ffdfb8a903475d407716b9487abfebb Author: Carlos Aristu <carlos.aristu <at> openbravo.com> Date: Wed Mar 27 08:58:48 2019 +0100 URL: http://code.openbravo.com/erp/pmods/org.openbravo.retail.copystore/rev/0441ef6e8ffdfb8a903475d407716b9487abfebb [^] fixes issue 40454: CSRF Token Error after executing Copy Store Process The Copy Store process refreshes the session values to take into account the newly created organization (store). To do so, it invokes LoginUtils.fillSessionArguments which also sets in session a new value for the CSRF token which caused the issue. To avoid this problem we restore the old CSRF token in session after invoking fillSessionArguments in the Copy Store process. --- M src/org/openbravo/retail/copystore/process/CopyStoreProcess.java --- |
|
(0111458) alostale (viewer) 2019-05-03 09:22 |
closed as it was incorrectly reopened by merge |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2019-03-26 12:23 | caristu | New Issue | |
| 2019-03-26 12:23 | caristu | Assigned To | => platform |
| 2019-03-26 12:23 | caristu | File Added: csrfTokenError.png | |
| 2019-03-26 12:23 | caristu | OBNetwork customer | => No |
| 2019-03-26 12:23 | caristu | Modules | => Core |
| 2019-03-26 12:23 | caristu | Triggers an Emergency Pack | => No |
| 2019-03-26 12:24 | caristu | Relationship added | caused by 0039123 |
| 2019-03-26 12:27 | caristu | Regression level | => Production - QA Approved |
| 2019-03-26 12:27 | caristu | Regression date | => 2018-10-18 |
| 2019-03-26 12:27 | caristu | Regression introduced in release | => 3.0PR19Q1 |
| 2019-03-26 12:27 | caristu | Regression introduced by commit | => https://code.openbravo.com/erp/devel/pi/rev/43a7e93a946d76de69bb30b066d41a6647508b30 [^] |
| 2019-03-26 12:28 | caristu | Regression level | Production - QA Approved => Packaging and release |
| 2019-03-26 12:47 | caristu | Description Updated | View Revisions |
| 2019-03-26 12:48 | caristu | Steps to Reproduce Updated | View Revisions |
| 2019-03-26 19:23 | caristu | Assigned To | platform => caristu |
| 2019-03-27 09:02 | hgbot | Checkin | |
| 2019-03-27 09:02 | hgbot | Note Added: 0110670 | |
| 2019-03-27 09:02 | hgbot | Status | new => resolved |
| 2019-03-27 09:02 | hgbot | Resolution | open => fixed |
| 2019-03-27 09:02 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/pmods/org.openbravo.retail.copystore/rev/f740efe4f91425e42d3a0a413e8d9ba5173d39a5 [^] |
| 2019-03-27 09:02 | caristu | Review Assigned To | => alostale |
| 2019-03-29 09:03 | alostale | Note Added: 0110915 | |
| 2019-03-29 09:03 | alostale | Status | resolved => closed |
| 2019-04-30 19:00 | hgbot | Checkin | |
| 2019-04-30 19:00 | hgbot | Note Added: 0111404 | |
| 2019-04-30 19:00 | hgbot | Status | closed => resolved |
| 2019-04-30 19:00 | hgbot | Fixed in SCM revision | http://code.openbravo.com/erp/pmods/org.openbravo.retail.copystore/rev/f740efe4f91425e42d3a0a413e8d9ba5173d39a5 [^] => http://code.openbravo.com/erp/pmods/org.openbravo.retail.copystore/rev/0441ef6e8ffdfb8a903475d407716b9487abfebb [^] |
| 2019-05-03 09:22 | alostale | Note Added: 0111458 | |
| 2019-05-03 09:22 | alostale | Status | resolved => closed |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |