Anonymous | Login
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
TypeCategorySeverityReproducibilityDate SubmittedLast Update
backport[Openbravo ERP] A. Platformminorhave not tried2018-02-15 12:042018-03-14 09:24
ReporteralostaleView Statuspublic 
Assigned Toalostale 
PriorityimmediateResolutionfixedFixed in Version3.0PR17Q4.2
StatusclosedFix in branchFixed in SCM revision46e3b30ba123
ProjectionnoneETAnoneTarget Version3.0PR17Q4.2
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned ToAugustoMauch
Web browser
Regression levelProduction - Confirmed Stable
Regression date2016-05-02
Regression introduced in release3.0PR17Q3
Regression introduced by commit [^]
Triggers an Emergency PackNo

0037930: sys admin sessions created after reaching CU limit are not automatically kicked out

DescriptionAfter concurrent users limit is reached, only users with System Admin role are allowed to log in the application.

When this limit is reached, before rejecting new logins, it is checked if there are logged in session that were inactive for the last 2 minutes and if so they are kicked out so log in is accepted.

System Admin sessions created in this situation are not automatically kicked out, so they only get deactivated releasing its CU after manual log out or after Tomcat timeout. They should be kicked out also if they were inactive for 2 minutes.
Steps To ReproduceIn an instance activated with 1 CU limit:

1. Log in with Openbravo user (session 1)
2. In another browser log in with Openbravo user (session 2)
   -> Warn about CU limit reached is displayed, but log in is allowed with only access to System Admin role
3. Without logging out, close browsers with session 1 and 2
4. Wait 3 minutes
5. Log in with a user that has NO access to System Admin
   -> ERROR: Login is rejected
      EXPECTED: Login should be allowed because sessions 1 and 2 should have been kicked out because they were inactive for more than 2 minutes
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
blocks defect 0037928 closedalostale sys admin sessions created after reaching CU limit are not automatically kicked out 

-  Notes
hgbot (developer)
2018-02-20 08:54

Repository: erp/backports/3.0PR17Q4.2
Changeset: 46e3b30ba1234a84458d7c1762662bdc83f54ed6
Author: Asier Lostalé <asier.lostale <at>>
Date: Thu Feb 15 13:01:08 2018 +0100
URL: [^]

fixed bug 37930: sys admin CUR sessions are not automatically kicked out

  System Admin CUR session (created when CU limit is reached), consume CU but
  were not kicked out after inactivity period before rejecting other logins.

  Fixed by including CUR sessions in the ones that are automatically always
  killed if no ping is detected for 2 minutes.

M src/org/openbravo/erpCommon/ad_process/
M src/org/openbravo/erpCommon/obps/
AugustoMauch (developer)
2018-03-14 09:23

Code reviewed and verified

- Issue History
Date Modified Username Field Change
2018-02-15 12:11 alostale Type defect => backport
2018-02-15 12:11 alostale Target Version => 3.0PR17Q4.2
2018-02-20 08:54 hgbot Checkin
2018-02-20 08:54 hgbot Note Added: 0102509
2018-02-20 08:54 hgbot Status scheduled => resolved
2018-02-20 08:54 hgbot Resolution open => fixed
2018-02-20 08:54 hgbot Fixed in SCM revision => [^]
2018-03-14 09:24 AugustoMauch Note Added: 0103231
2018-03-14 09:24 AugustoMauch Status resolved => closed
2018-03-14 09:24 AugustoMauch Fixed in Version => 3.0PR17Q4.2

Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker