Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0023135 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| design defect | [Openbravo ERP] A. Platform | major | have not tried | 2013-02-21 10:32 | 2013-03-01 13:52 | |||
| Reporter | alostale | View Status | public | |||||
| Assigned To | alostale | |||||||
| Priority | normal | Resolution | fixed | Fixed in Version | ||||
| Status | closed | Fix in branch | Fixed in SCM revision | 0d32601d0243 | ||||
| Projection | none | ETA | none | Target Version | 3.0MP21 | |||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | SCM revision | |||||||
| Review Assigned To | marvintm | |||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Regression level | ||||||||
| Regression date | ||||||||
| Regression introduced in release | ||||||||
| Regression introduced by commit | ||||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0023135: Bypass authentication resources create sessions | |||||||
| Description | Components that are marked to bypass authentication, create a System session. | |||||||
| Steps To Reproduce | Without being logged in the application request a non authenticated resource (such as POS' libraries), check after this request the browser has an active system session. | |||||||
| Proposed Solution | After request invalidate session in case it was created just for this resource. | |||||||
| Tags | mobile | |||||||
| Attached Files | ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
||||||||||||||||||||||
|
||||||||||||||||||||||
 Relationships |
|
Notes |
|
|
(0056674) hgbot (developer) 2013-02-21 10:54 |
Repository: erp/devel/pi Changeset: 0d32601d024353b3579b735cddcfcfef323b00fc Author: Asier Lostalé <asier.lostale <at> openbravo.com> Date: Thu Feb 21 10:43:08 2013 +0100 URL: http://code.openbravo.com/erp/devel/pi/rev/0d32601d024353b3579b735cddcfcfef323b00fc [^] fixed issue 23135: Bypass authentication resources create sessions --- M modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelServlet.java M src/org/openbravo/base/secureApp/HttpSecureAppServlet.java --- |
|
(0056712) hudsonbot (developer) 2013-02-22 07:57 |
A changeset related to this issue has been promoted main and to the Central Repository, after passing a series of tests. Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/b99c43bfb674 [^] Maturity status: Test |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2013-02-21 10:32 | alostale | New Issue | |
| 2013-02-21 10:32 | alostale | Assigned To | => alostale |
| 2013-02-21 10:32 | alostale | Modules | => Core |
| 2013-02-21 10:32 | alostale | Triggers an Emergency Pack | => No |
| 2013-02-21 10:32 | alostale | Relationship added | related to 0021508 |
| 2013-02-21 10:32 | alostale | Relationship added | related to 0023134 |
| 2013-02-21 10:33 | alostale | Tag Attached: mobile | |
| 2013-02-21 10:33 | alostale | Review Assigned To | => marvintm |
| 2013-02-21 10:54 | hgbot | Checkin | |
| 2013-02-21 10:54 | hgbot | Note Added: 0056674 | |
| 2013-02-21 10:54 | hgbot | Status | new => resolved |
| 2013-02-21 10:54 | hgbot | Resolution | open => fixed |
| 2013-02-21 10:54 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/devel/pi/rev/0d32601d024353b3579b735cddcfcfef323b00fc [^] |
| 2013-02-22 07:57 | hudsonbot | Checkin | |
| 2013-02-22 07:57 | hudsonbot | Note Added: 0056712 | |
| 2013-03-01 13:52 | marvintm | Status | resolved => closed |
| 2013-03-14 15:31 | alostale | Relationship added | related to 0023309 |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |