Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0037930 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| backport | [Openbravo ERP] A. Platform | minor | have not tried | 2018-02-15 12:04 | 2018-03-14 09:24 | |||
| Reporter | alostale | View Status | public | |||||
| Assigned To | alostale | |||||||
| Priority | immediate | Resolution | fixed | Fixed in Version | 3.0PR17Q4.2 | |||
| Status | closed | Fix in branch | Fixed in SCM revision | 46e3b30ba123 | ||||
| Projection | none | ETA | none | Target Version | 3.0PR17Q4.2 | |||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | SCM revision | |||||||
| Review Assigned To | AugustoMauch | |||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Regression level | Production - Confirmed Stable | |||||||
| Regression date | 2016-05-02 | |||||||
| Regression introduced in release | 3.0PR17Q3 | |||||||
| Regression introduced by commit | http://code.openbravo.com/erp/pmods/org.openbravo.mobile.core/rev/0bd874e354593cfb98d714cf2e0dd54e4864295b [^] | |||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0037930: sys admin sessions created after reaching CU limit are not automatically kicked out | |||||||
| Description | After concurrent users limit is reached, only users with System Admin role are allowed to log in the application. When this limit is reached, before rejecting new logins, it is checked if there are logged in session that were inactive for the last 2 minutes and if so they are kicked out so log in is accepted. System Admin sessions created in this situation are not automatically kicked out, so they only get deactivated releasing its CU after manual log out or after Tomcat timeout. They should be kicked out also if they were inactive for 2 minutes. | |||||||
| Steps To Reproduce | In an instance activated with 1 CU limit: 1. Log in with Openbravo user (session 1) 2. In another browser log in with Openbravo user (session 2) -> Warn about CU limit reached is displayed, but log in is allowed with only access to System Admin role 3. Without logging out, close browsers with session 1 and 2 4. Wait 3 minutes 5. Log in with a user that has NO access to System Admin -> ERROR: Login is rejected EXPECTED: Login should be allowed because sessions 1 and 2 should have been kicked out because they were inactive for more than 2 minutes | |||||||
| Tags | No tags attached. | |||||||
| Attached Files | ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
||||||||
|
||||||||
 Relationships |
|
Notes |
|
|
(0102509) hgbot (developer) 2018-02-20 08:54 |
Repository: erp/backports/3.0PR17Q4.2 Changeset: 46e3b30ba1234a84458d7c1762662bdc83f54ed6 Author: Asier Lostalé <asier.lostale <at> openbravo.com> Date: Thu Feb 15 13:01:08 2018 +0100 URL: http://code.openbravo.com/erp/backports/3.0PR17Q4.2/rev/46e3b30ba1234a84458d7c1762662bdc83f54ed6 [^] fixed bug 37930: sys admin CUR sessions are not automatically kicked out System Admin CUR session (created when CU limit is reached), consume CU but were not kicked out after inactivity period before rejecting other logins. Fixed by including CUR sessions in the ones that are automatically always killed if no ping is detected for 2 minutes. --- M src/org/openbravo/erpCommon/ad_process/HeartbeatProcess.java M src/org/openbravo/erpCommon/obps/ActivationKey.java --- |
|
(0103231) AugustoMauch (manager) 2018-03-14 09:23 |
Code reviewed and verified |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2018-02-15 12:11 | alostale | Type | defect => backport |
| 2018-02-15 12:11 | alostale | Target Version | => 3.0PR17Q4.2 |
| 2018-02-20 08:54 | hgbot | Checkin | |
| 2018-02-20 08:54 | hgbot | Note Added: 0102509 | |
| 2018-02-20 08:54 | hgbot | Status | scheduled => resolved |
| 2018-02-20 08:54 | hgbot | Resolution | open => fixed |
| 2018-02-20 08:54 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/backports/3.0PR17Q4.2/rev/46e3b30ba1234a84458d7c1762662bdc83f54ed6 [^] |
| 2018-03-14 09:24 | AugustoMauch | Note Added: 0103231 | |
| 2018-03-14 09:24 | AugustoMauch | Status | resolved => closed |
| 2018-03-14 09:24 | AugustoMauch | Fixed in Version | => 3.0PR17Q4.2 |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |