Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0038057
TypeCategorySeverityReproducibilityDate SubmittedLast Update
backport[Openbravo ERP] A. Platformmajoralways2018-03-06 10:472018-03-13 11:17
ReportergorkaionView Statuspublic 
Assigned Toalostale 
PriorityimmediateResolutionfixedFixed in Version3.0PR18Q1.1
StatusclosedFix in branchFixed in SCM revision7ed1905d8d3f
ProjectionnoneETAnoneTarget Version3.0PR18Q1.1
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned Tocaristu
Web browser
ModulesCore
Regression levelProduction - Confirmed Stable
Regression date2017-04-12
Regression introduced in release3.0PR17Q3
Regression introduced by commithttps://code.openbravo.com/erp/devel/pi/rev/c17655a6fb3ffb29cdd5d73073615ba9d60cd941 [^]
Triggers an Emergency PackNo
Summary

0038057: Prevents concurrent sessions for same user not working

DescriptionWith the system configured to allow one session per user. When a second session is opened a confirmation popup is opened to kill previous sessions, if OK is pressed a white page with the following json is shown instead of log in into the backend.

{"showMessage":true,"messageType":"Error","messageTitle":"Please try again.","messageText":"Invalid user name or password."}
Steps To Reproduce1 Configure the openbravo properties to allow only one session per user by changing the property login.limit.user.session value to true.
2 Restart tomcat and log in to the backedn with user Openbravo.
3 On a different browser or hostname try to log in again with user Openbravo.
4 Check that the concurrent session popup is shown but if OK is pressed the white page appears.
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
blocks defect 0038051 closedalostale Prevents concurrent sessions for same user not working 

-  Notes
(0103174)
hgbot (developer)
2018-03-13 07:45

 Repository: erp/backports/3.0PR18Q1.1
Changeset: 7ed1905d8d3f13146d788fe274637d66412106fb
Author: Asier Lostalé <asier.lostale <at> openbravo.com>
Date: Tue Mar 06 14:10:50 2018 +0100
URL: http://code.openbravo.com/erp/backports/3.0PR18Q1.1/rev/7ed1905d8d3f13146d788fe274637d66412106fb [^]

fixed bug 38057: prevents concurrent sessions for same user not working

  When login.limit.user.session is enabled, only one session per named user is
  allowed. In case there is another session for the same user that's currently
  logging in, a confirmation message appears to tell the user other session will
  be cancelled.

  After confirmation, login should be completed, but it failed displaying a blank
  page.

  The problem was caused because instead of resending a POST request to complete
  login, a GET without param values was sent to LoginHandler.

  Now it is fixed, in case of accepeted confirmation diagog, login will be sent
  again.

---
M src/org/openbravo/base/secureApp/LoginHandler.java
M src/org/openbravo/erpCommon/security/Login.html
M web/js/login.js
M web/js/utils.js
---
(0103183)
caristu (developer)
2018-03-13 11:17

 Code reviewed + tested OK.

- Issue History
Date Modified Username Field Change
2018-03-06 14:05 alostale Type defect => backport
2018-03-06 14:05 alostale Target Version => 3.0PR18Q3.1
2018-03-13 07:40 alostale Target Version 3.0PR18Q3.1 => 3.0PR18Q1.1
2018-03-13 07:45 hgbot Checkin
2018-03-13 07:45 hgbot Note Added: 0103174
2018-03-13 07:45 hgbot Status scheduled => resolved
2018-03-13 07:45 hgbot Resolution open => fixed
2018-03-13 07:45 hgbot Fixed in SCM revision => http://code.openbravo.com/erp/backports/3.0PR18Q1.1/rev/7ed1905d8d3f13146d788fe274637d66412106fb [^]
2018-03-13 11:17 caristu Note Added: 0103183
2018-03-13 11:17 caristu Status resolved => closed
2018-03-13 11:17 caristu Fixed in Version => 3.0PR18Q1.1

Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker