Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0023135
TypeCategorySeverityReproducibilityDate SubmittedLast Update
design defect[Openbravo ERP] A. Platformmajorhave not tried2013-02-21 10:322013-03-01 13:52
ReporteralostaleView Statuspublic 
Assigned Toalostale 
PrioritynormalResolutionfixedFixed in Version
StatusclosedFix in branchFixed in SCM revision0d32601d0243
ProjectionnoneETAnoneTarget Version3.0MP21
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Merge Request Status
Review Assigned Tomarvintm
OBNetwork customerNo
Web browser
ModulesCore
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0023135: Bypass authentication resources create sessions

DescriptionComponents that are marked to bypass authentication, create a System session.
Steps To ReproduceWithout being logged in the application request a non authenticated resource (such as POS' libraries), check after this request the browser has an active system session.
Proposed SolutionAfter request invalidate session in case it was created just for this resource.
Tagsmobile
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
related to feature request 0021508 closedmarvintm Components require the user to be logged in to work correctly 
related to design defect 00231343.0MP21 closedalostale StyleSheet components should bypass authentication 
related to defect 00233093.0MP22 closedalostale POS redirected to Openbravo login page 

-  Notes
(0056674)
hgbot (developer)
2013-02-21 10:54

 Repository: erp/devel/pi
Changeset: 0d32601d024353b3579b735cddcfcfef323b00fc
Author: Asier Lostalé <asier.lostale <at> openbravo.com>
Date: Thu Feb 21 10:43:08 2013 +0100
URL: http://code.openbravo.com/erp/devel/pi/rev/0d32601d024353b3579b735cddcfcfef323b00fc [^]

fixed issue 23135: Bypass authentication resources create sessions

---
M modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelServlet.java
M src/org/openbravo/base/secureApp/HttpSecureAppServlet.java
---
(0056712)
hudsonbot (viewer)
2013-02-22 07:57

 A changeset related to this issue has been promoted main and to the
Central Repository, after passing a series of tests.

Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/b99c43bfb674 [^]

Maturity status: Test

- Issue History
Date Modified Username Field Change
2013-02-21 10:32 alostale New Issue
2013-02-21 10:32 alostale Assigned To => alostale
2013-02-21 10:32 alostale Modules => Core
2013-02-21 10:32 alostale OBNetwork customer => No
2013-02-21 10:32 alostale Triggers an Emergency Pack => No
2013-02-21 10:32 alostale Relationship added related to 0021508
2013-02-21 10:32 alostale Relationship added related to 0023134
2013-02-21 10:33 alostale Tag Attached: mobile
2013-02-21 10:33 alostale Review Assigned To => marvintm
2013-02-21 10:54 hgbot Checkin
2013-02-21 10:54 hgbot Note Added: 0056674
2013-02-21 10:54 hgbot Status new => resolved
2013-02-21 10:54 hgbot Resolution open => fixed
2013-02-21 10:54 hgbot Fixed in SCM revision => http://code.openbravo.com/erp/devel/pi/rev/0d32601d024353b3579b735cddcfcfef323b00fc [^]
2013-02-22 07:57 hudsonbot Checkin
2013-02-22 07:57 hudsonbot Note Added: 0056712
2013-03-01 13:52 marvintm Status resolved => closed
2013-03-14 15:31 alostale Relationship added related to 0023309

Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker