Anonymous | Login
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[Openbravo ERP] A. Platformmajorhave not tried2010-02-19 13:182010-03-10 18:30
ReportershuehnerView Statuspublic 
Assigned Toshuehner 
PriorityimmediateResolutionfixedFixed in Version2.50MP12
StatusclosedFix in branchFixed in SCM revisione2616479f44e
ProjectionnoneETAnoneTarget Version
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionpiSCM revision 
Review Assigned To
Web browser
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo

0012362: After a session timeout some http requests are still completely executed after the user is redirected to the login page

DescriptionIf as Users' session is timed-out or force-logged out. Then the user is (correctly) redirected to the login page so he can login again.

However in some cases the original http-request processing is not stopped after the redirect but continues. This continuation is not useful at all as the result will never be shown to the user (which is already seeing the login page),

In addition the original request cannot be executed successfully in most cases as the http session is already invalidated (so all values expected to be present are missing) leading to 'random' behavior.
Steps To ReproduceLogin as Openbravo admin
Goto Sales Management -> Transations -> Goods Shipment (or any other window with data).
Switch to grid view (Assuming grid is non-empty)
Force an session kill (update ad_session set session_active = 'N';commit) does force logout all sessions
Double click on any row shown in the grid
User gets redirected to the login page
See some exceptions shown in the logfile/eclipse-console
Proposed SolutionStop request processing in that case.
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
has duplicate defect 0007654 closedshuehner After session timeout the browser is redirected to the login page but the original servlet is still executed 

-  Notes
hgbot (developer)
2010-02-19 13:44

Repository: erp/devel/pi
Changeset: e2616479f44e2235fc2ee38a9c4b1687fceafac7
Author: Stefan Hühner <stefan.huehner <at>>
Date: Fri Feb 19 13:45:50 2010 +0100
URL: [^]

Fixed 12362: don't execute old request after redirect to login page
If the users session is timed-out (or force-logged out) redirect to
login page as usual, but don't continue executing the old request
as its not useful and can't work correctly

M src/org/openbravo/base/secureApp/
hudsonbot (developer)
2010-03-03 13:48

A changeset related to this issue has been promoted to main after passing a series of tests and an OBX has been generated:

Changeset: [^]
Merge Changeset: [^]
Tests: [^]
OBX: [^]

- Issue History
Date Modified Username Field Change
2010-02-19 13:18 shuehner New Issue
2010-02-19 13:18 shuehner Assigned To => shuehner
2010-02-19 13:44 hgbot Checkin
2010-02-19 13:44 hgbot Note Added: 0024651
2010-02-19 13:44 hgbot Status new => resolved
2010-02-19 13:44 hgbot Resolution open => fixed
2010-02-19 13:44 hgbot Fixed in SCM revision => [^]
2010-02-19 17:13 alostale Status resolved => closed
2010-02-19 17:13 alostale Fixed in Version => 2.50MP12
2010-02-20 00:01 anonymous sf_bug_id 0 =>
2010-02-23 08:16 alostale Relationship added related to 0012401
2010-03-03 13:48 hudsonbot Checkin
2010-03-03 13:48 hudsonbot Note Added: 0025001
2010-03-03 17:47 shuehner Relationship deleted related to 0012401
2010-03-10 18:30 anonymous sf_bug_id => 2968090
2010-08-16 21:26 shuehner Relationship added has duplicate 0007654

Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker