Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||||||
| ID | ||||||||||||
| 0036808 | ||||||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||||||
| design defect | [Openbravo ERP] A. Platform | minor | always | 2017-09-07 19:21 | 2022-02-01 08:08 | |||||||
| Reporter | caristu | View Status | public | |||||||||
| Assigned To | Triage Platform Base | |||||||||||
| Priority | normal | Resolution | open | Fixed in Version | ||||||||
| Status | new | Fix in branch | Fixed in SCM revision | |||||||||
| Projection | none | ETA | none | Target Version | ||||||||
| OS | Any | Database | Any | Java version | ||||||||
| OS Version | Database version | Ant version | ||||||||||
| Product Version | SCM revision | |||||||||||
| Review Assigned To | ||||||||||||
| Web browser | ||||||||||||
| Modules | Core | |||||||||||
| Regression level | ||||||||||||
| Regression date | ||||||||||||
| Regression introduced in release | ||||||||||||
| Regression introduced by commit | ||||||||||||
| Triggers an Emergency Pack | No | |||||||||||
| Summary | 0036808: AuthenticationManager should be stateless | |||||||||||
| Description | The AuthenticationManager class should be stateless. This class is used by the HttpSecureAppServlet[1] instances in order to ensure that the servlet requests are properly authenticated. If this class would be stateless then it could be declared as a singleton (@ApplicationScoped) within those kind of servlets. Thus, just a single instance of this class will be reused by every servlet. Also this will help to solve any possible multi-thread unsafety in this regard. [1] https://code.openbravo.com/erp/devel/pi/file/1fe55bea0066/src/org/openbravo/base/secureApp/HttpSecureAppServlet.java#l84 [^] | |||||||||||
| Steps To Reproduce | In description | |||||||||||
| Proposed Solution | To make this class stateless the following attributes should be declared as private and we should handle their assignments properly: - protected ConnectionProvider conn - protected String defaultServletUrl - protected String localAdress Please note that this will be an API change affecting those classes extending AuthenticationManager. Besides, this change would require to review those classes in deep in order to ensure that they can work properly as singletons. | |||||||||||
| Tags | No tags attached. | |||||||||||
| Attached Files | ||||||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
||||||||
|
||||||||
 Relationships |
|
Notes |
|
| There are no notes attached to this issue. |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2017-09-07 19:21 | caristu | New Issue | |
| 2017-09-07 19:21 | caristu | Assigned To | => platform |
| 2017-09-07 19:21 | caristu | Modules | => Core |
| 2017-09-07 19:21 | caristu | Triggers an Emergency Pack | => No |
| 2017-09-07 19:21 | caristu | Relationship added | related to 0035164 |
| 2022-02-01 08:08 | alostale | Assigned To | platform => Triage Platform Base |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |