Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0036238 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| feature request | [Openbravo ERP] A. Platform | minor | have not tried | 2017-06-12 23:38 | 2017-06-23 13:08 | |||
| Reporter | mtaal | View Status | public | |||||
| Assigned To | mtaal | |||||||
| Priority | normal | Resolution | fixed | Fixed in Version | ||||
| Status | closed | Fix in branch | Fixed in SCM revision | 882327cc2f61 | ||||
| Projection | none | ETA | none | Target Version | 3.0PR17Q3 | |||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | SCM revision | |||||||
| Merge Request Status | ||||||||
| Review Assigned To | AugustoMauch | |||||||
| OBNetwork customer | No | |||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Support ticket | ||||||||
| Regression level | ||||||||
| Regression date | ||||||||
| Regression introduced in release | ||||||||
| Regression introduced by commit | ||||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0036238: Support basic authentication: if a stateless request has an invalid login then set the status code to unauthorized | |||||||
| Description | To support handling of basic authentication in stateless request set the unauthorized status code if a login is invalid. [1] https://code.openbravo.com/erp/devel/pi/file/91dbb09a074c/src/org/openbravo/base/secureApp/HttpSecureAppServlet.java#l215 [^] | |||||||
| Steps To Reproduce | do stateless request with basic authentication without sending basic authentication information as headers. [1] https://code.openbravo.com/tools/automation/pi-mobile/file/f86a6cbf1ea6/src-test/org/openbravo/test/mobile/retail/mobilecore/webservice/WebServicesHelper.java#l227 [^] | |||||||
| Proposed Solution | add these lines + if (AuthenticationManager.isStatelessRequest(request)) { + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); + } | |||||||
| Tags | No tags attached. | |||||||
| Attached Files | ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
|||||||||
|
|||||||||
 Relationships |
|
Notes |
|
|
(0097333) hgbot (developer) 2017-06-12 23:39 |
Repository: erp/devel/pi Changeset: cf22410613135f0682d438831914a4a64999ab56 Author: Martin Taal <martin.taal <at> openbravo.com> Date: Mon Jun 12 23:38:46 2017 +0200 URL: http://code.openbravo.com/erp/devel/pi/rev/cf22410613135f0682d438831914a4a64999ab56 [^] Fixes issue 36238: Support basic authentication: if a stateless request has an invalid login then set the status code to unauthorized Set status unauthorized --- M src/org/openbravo/base/secureApp/HttpSecureAppServlet.java --- |
|
(0097334) hgbot (developer) 2017-06-12 23:41 |
Repository: erp/pmods/org.openbravo.mobile.core Changeset: 882327cc2f61b4800dd0571870d52b7fcd3ba34e Author: Martin Taal <martin.taal <at> openbravo.com> Date: Mon Jun 12 23:40:56 2017 +0200 URL: http://code.openbravo.com/erp/pmods/org.openbravo.mobile.core/rev/882327cc2f61b4800dd0571870d52b7fcd3ba34e [^] Fixes issue 36238: Support basic authentication: if a stateless request has an invalid login then set the status code to unauthorized Set the correct headers in case of basic authentication --- M src/org/openbravo/mobile/core/process/WebServiceAuthenticatedServlet.java --- |
|
(0097335) hgbot (developer) 2017-06-12 23:42 |
Repository: tools/automation/pi-mobile Changeset: a908718d22c17d1c80c1fe555d7e86b57d5ea147 Author: Martin Taal <martin.taal <at> openbravo.com> Date: Mon Jun 12 23:42:32 2017 +0200 URL: http://code.openbravo.com/tools/automation/pi-mobile/rev/a908718d22c17d1c80c1fe555d7e86b57d5ea147 [^] Related to issue 36238: Support basic authentication: if a stateless request has an invalid login then set the status code to unauthorized Adapt test cases to use new basic authentication approach --- M src-test/org/openbravo/test/mobile/retail/extmodules/unittest/tests/statelesswebservice/StatelessRetailOrderLoaderTest.java M src-test/org/openbravo/test/mobile/retail/mobilecore/webservice/WebServicesHelper.java --- |
|
(0097340) hudsonbot (viewer) 2017-06-13 07:41 |
A changeset related to this issue has been promoted main and to the Central Repository, after passing a series of tests. Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/44d87c9454e7 [^] Maturity status: Test |
|
(0097607) AugustoMauch (administrator) 2017-06-23 13:08 |
Code reviewed |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2017-06-12 23:38 | mtaal | New Issue | |
| 2017-06-12 23:38 | mtaal | Assigned To | => mtaal |
| 2017-06-12 23:38 | mtaal | OBNetwork customer | => No |
| 2017-06-12 23:38 | mtaal | Modules | => Core |
| 2017-06-12 23:38 | mtaal | Triggers an Emergency Pack | => No |
| 2017-06-12 23:38 | mtaal | Review Assigned To | => AugustoMauch |
| 2017-06-12 23:38 | mtaal | Proposed Solution updated | |
| 2017-06-12 23:39 | hgbot | Checkin | |
| 2017-06-12 23:39 | hgbot | Note Added: 0097333 | |
| 2017-06-12 23:39 | hgbot | Status | new => resolved |
| 2017-06-12 23:39 | hgbot | Resolution | open => fixed |
| 2017-06-12 23:39 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/devel/pi/rev/cf22410613135f0682d438831914a4a64999ab56 [^] |
| 2017-06-12 23:39 | mtaal | Relationship added | related to 0035325 |
| 2017-06-12 23:41 | hgbot | Checkin | |
| 2017-06-12 23:41 | hgbot | Note Added: 0097334 | |
| 2017-06-12 23:41 | hgbot | Fixed in SCM revision | http://code.openbravo.com/erp/devel/pi/rev/cf22410613135f0682d438831914a4a64999ab56 [^] => http://code.openbravo.com/erp/pmods/org.openbravo.mobile.core/rev/882327cc2f61b4800dd0571870d52b7fcd3ba34e [^] |
| 2017-06-12 23:42 | hgbot | Checkin | |
| 2017-06-12 23:42 | hgbot | Note Added: 0097335 | |
| 2017-06-13 07:41 | hudsonbot | Checkin | |
| 2017-06-13 07:41 | hudsonbot | Note Added: 0097340 | |
| 2017-06-23 13:08 | AugustoMauch | Note Added: 0097607 | |
| 2017-06-23 13:08 | AugustoMauch | Status | resolved => closed |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |