Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0019337 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| defect | [Openbravo ERP] A. Platform | critical | have not tried | 2011-12-20 09:46 | 2011-12-20 09:56 | |||
| Reporter | alostale | View Status | public | |||||
| Assigned To | alostale | |||||||
| Priority | immediate | Resolution | fixed | Fixed in Version | 3.0MP7 | |||
| Status | closed | Fix in branch | Fixed in SCM revision | 320ff5578813 | ||||
| Projection | none | ETA | none | Target Version | ||||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | SCM revision | |||||||
| Review Assigned To | ||||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Regression level | ||||||||
| Regression date | ||||||||
| Regression introduced in release | ||||||||
| Regression introduced by commit | ||||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0019337: Api change build 2631 | |||||||
| Description | Bad method org.openbravo.service.web.BaseWebServiceServlet.service(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse): nonfinal in SANDBOX/api-checks/java/reference/java, but final in /srv/hudson/workspace/int-full-oracle/SANDBOX/api-checks/output/2631 Missing method org.openbravo.service.web.BaseWebServiceServlet.doBasicAuthentication(javax.servlet.http.HttpServletRequest): missing in /srv/hudson/workspace/int-full-oracle/SANDBOX/api-checks/output/2631 method org.openbravo.service.web.BaseWebServiceServlet.isLoggedIn(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse): missing in /srv/hudson/workspace/int-full-oracle/SANDBOX/api-checks/output/2631 As part of new pricing policies project, authentication has been removed from BaseWebServiceServlet to use the standard one in Authentication manager. Additionally BaseWebServiceServlet.service method has been made final so subclasses cannot modify it. | |||||||
| Steps To Reproduce | - | |||||||
| Proposed Solution | Risk: These affects to modules extending BaseWebServiceServlet. There are two cases where that can affect them: -If they override service method. This is now not allowed. They must be fixed to override doService method, which is called from service. -In case they were using doBasicAuthentication or isLoggedIn to implement authenitcation. This is not allowed anymore, web service authentication must be done using the AuthenicationManager.webServiceAuthenticate method [1], which in fact is called in the final sevice method. The risk of these changes is *low* because modules providing web services in the documented manner [2] are not affected. Proposed solution: Accept these changes as the risk is low and now authentication is enforced to use the new methods [1] http://wiki.openbravo.com/wiki/Authentication#Web_Services_and_Connectors [^] [2] http://wiki.openbravo.com/wiki/How_to_create_a_new_REST_webservice [^] | |||||||
| Tags | No tags attached. | |||||||
| Attached Files | ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
|
 Relationships |
|
Notes |
|
|
(0043967) hgbot (developer) 2011-12-20 09:56 |
Repository: erp/devel/api-checks Changeset: 320ff5578813fb809ade4f8372f9b3a0b3041c76 Author: Asier Lostalé <asier.lostale <at> openbravo.com> Date: Tue Dec 20 09:55:36 2011 +0100 URL: http://code.openbravo.com/erp/devel/api-checks/rev/320ff5578813fb809ade4f8372f9b3a0b3041c76 [^] fixed issue 19337: Api change build 2631 --- M java/reference/java.japi.gz --- |
|
(0043968) alostale (manager) 2011-12-20 09:56 |
Accepted |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2011-12-20 09:46 | alostale | New Issue | |
| 2011-12-20 09:46 | alostale | Assigned To | => alostale |
| 2011-12-20 09:46 | alostale | Modules | => Core |
| 2011-12-20 09:53 | alostale | Proposed Solution updated | |
| 2011-12-20 09:53 | alostale | Summary | Api change build 0002631 => Api change build 2631 |
| 2011-12-20 09:56 | hgbot | Checkin | |
| 2011-12-20 09:56 | hgbot | Note Added: 0043967 | |
| 2011-12-20 09:56 | hgbot | Status | new => resolved |
| 2011-12-20 09:56 | hgbot | Resolution | open => fixed |
| 2011-12-20 09:56 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/devel/api-checks/rev/320ff5578813fb809ade4f8372f9b3a0b3041c76 [^] |
| 2011-12-20 09:56 | alostale | Note Added: 0043968 | |
| 2011-12-20 09:56 | alostale | Status | resolved => closed |
| 2011-12-20 09:56 | alostale | Fixed in Version | => 3.0MP7 |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |