Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0030031 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| defect | [Openbravo ERP] A. Platform | minor | have not tried | 2015-05-27 15:05 | 2017-06-02 18:22 | |||
| Reporter | shuehner | View Status | public | |||||
| Assigned To | alostale | |||||||
| Priority | high | Resolution | fixed | Fixed in Version | 3.0PR17Q3 | |||
| Status | closed | Fix in branch | Fixed in SCM revision | 624c1fa5299c | ||||
| Projection | none | ETA | none | Target Version | ||||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | SCM revision | |||||||
| Review Assigned To | caristu | |||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Regression level | ||||||||
| Regression date | ||||||||
| Regression introduced in release | ||||||||
| Regression introduced by commit | ||||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0030031: row created in ad_session for same cookie after every erp logout | |||||||
| Description | Context of testing: [2:56:18 PM] Stefan Huehner: create ad_session with status F [2:56:25 PM] Stefan Huehner: if you login that same row changes to status S [2:56:44 PM] Stefan Huehner: if you logout that row changes to session_active=n [2:56:49 PM] Stefan Huehner: browser shows login page [2:57:05 PM] Stefan Huehner: and on top you get 2 more rows in ad_session with that same for 'websession' and status = F again This but is about that last line. Having active erp login Doing normal logout (which redirects to login page) Does create 2 ad_session entries for same cookie (aka column websession) | |||||||
| Steps To Reproduce | Go to livebuilds. erp_pgsql_pi login logout now check ad_session content related to your logins (i.e. filter by your ip) select ad_session_id,created,websession,remote_addr, username,login_status,* from ad_session where remote_addr = '<your client ip>' order by created desc limit 3; An sql similar to that can be used to find the probably relevant rows assuming single user. Note: livebuilds is example, probably reproducible in other systems (i.e. also noticed in online demo) | |||||||
| Tags | Performance | |||||||
| Attached Files | ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
|||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
 Relationships |
|
Notes |
|
|
(0078204) caristu (developer) 2015-06-11 09:04 edited on: 2017-05-17 09:16 |
The behavior seems to be different depending on the browser. - Firefox: in this case, when logout is done, the code in index.jsp is called twice and therefore the authenticate method of AuthenticationManager is executed two times. For this reason, a double row with status "F" is created in ad_session table. - Chrome: in this case, when logout is done, one record is created with status "F". This is also wrong. |
|
(0097015) hgbot (developer) 2017-05-30 15:20 |
Repository: erp/devel/pi Changeset: 624c1fa5299c05dd0de944b06e65e33b3a7da6a9 Author: Asier Lostalé <asier.lostale <at> openbravo.com> Date: Tue May 30 15:17:57 2017 +0200 URL: http://code.openbravo.com/erp/devel/pi/rev/624c1fa5299c05dd0de944b06e65e33b3a7da6a9 [^] fixed bug 30031: row created in ad_session for same cookie after erp logout Logout navigates to root page (index.jsp) which in case of not logged in, redirects to login page. By default jsp pages creates a HttpSession if it does not exist, so finally we got a HttpSession + an AD_Session entry. Fixed by preventing session creation in index.jsp, and redirecting to login page if no session detected. --- M src/index.jsp M src/org/openbravo/authentication/AuthenticationManager.java --- |
|
(0097038) hudsonbot (developer) 2017-05-30 20:59 |
A changeset related to this issue has been promoted main and to the Central Repository, after passing a series of tests. Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/b1bab5011974 [^] Maturity status: Test |
|
(0097114) caristu (developer) 2017-06-02 18:22 |
Code reviewed + tested OK. |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2015-05-27 15:05 | shuehner | New Issue | |
| 2015-05-27 15:05 | shuehner | Assigned To | => platform |
| 2015-05-27 15:05 | shuehner | Modules | => Core |
| 2015-05-27 15:05 | shuehner | Triggers an Emergency Pack | => No |
| 2015-06-05 09:03 | alostale | Status | new => acknowledged |
| 2015-06-05 09:04 | alostale | Target Version | => 3.0PR15Q3 |
| 2015-06-09 08:57 | alostale | Status | acknowledged => scheduled |
| 2015-06-09 08:57 | alostale | Assigned To | platform => caristu |
| 2015-06-11 09:04 | caristu | Note Added: 0078204 | |
| 2015-06-11 09:07 | caristu | Note Edited: 0078204 | View Revisions |
| 2015-06-11 09:08 | caristu | Note Edited: 0078204 | View Revisions |
| 2015-06-11 09:11 | caristu | Note Edited: 0078204 | View Revisions |
| 2015-06-29 10:49 | alostale | Target Version | 3.0PR15Q3 => |
| 2015-11-11 12:12 | alostale | Status | scheduled => acknowledged |
| 2015-11-11 12:13 | alostale | Assigned To | caristu => platform |
| 2017-05-17 08:47 | alostale | Tag Attached: Performance | |
| 2017-05-17 08:48 | alostale | Priority | normal => high |
| 2017-05-17 08:49 | caristu | Relationship added | related to 0035994 |
| 2017-05-17 09:15 | caristu | Note Edited: 0078204 | View Revisions |
| 2017-05-17 09:16 | caristu | Note Edited: 0078204 | View Revisions |
| 2017-05-30 15:13 | alostale | Summary | Double row created in ad_session for same cookie after every erp logout => row created in ad_session for same cookie after every erp logout |
| 2017-05-30 15:20 | alostale | Assigned To | platform => alostale |
| 2017-05-30 15:20 | hgbot | Checkin | |
| 2017-05-30 15:20 | hgbot | Note Added: 0097015 | |
| 2017-05-30 15:20 | hgbot | Status | acknowledged => resolved |
| 2017-05-30 15:20 | hgbot | Resolution | open => fixed |
| 2017-05-30 15:20 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/devel/pi/rev/624c1fa5299c05dd0de944b06e65e33b3a7da6a9 [^] |
| 2017-05-30 15:21 | alostale | Review Assigned To | => caristu |
| 2017-05-30 20:59 | hudsonbot | Checkin | |
| 2017-05-30 20:59 | hudsonbot | Note Added: 0097038 | |
| 2017-06-02 18:22 | caristu | Note Added: 0097114 | |
| 2017-06-02 18:22 | caristu | Status | resolved => closed |
| 2017-06-02 18:22 | caristu | Fixed in Version | => 3.0PR17Q3 |
| 2018-03-08 09:39 | alostale | Relationship added | related to 0038075 |
| 2018-03-08 12:39 | alostale | Relationship added | blocks 0038079 |
| 2018-05-24 17:50 | caristu | Relationship added | causes 0038566 |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |