Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0038058
TypeCategorySeverityReproducibilityDate SubmittedLast Update
backport[Openbravo ERP] A. Platformmajoralways2018-03-06 10:472018-03-13 11:27
ReportergorkaionView Statuspublic 
Assigned Toalostale 
PriorityimmediateResolutionfixedFixed in Version3.0PR17Q4.2
StatusclosedFix in branchFixed in SCM revision791535f42c17
ProjectionnoneETAnoneTarget Version3.0PR17Q4.2
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned Tocaristu
Web browser
ModulesCore
Regression levelProduction - Confirmed Stable
Regression date2017-04-12
Regression introduced in release3.0PR17Q3
Regression introduced by commithttps://code.openbravo.com/erp/devel/pi/rev/c17655a6fb3ffb29cdd5d73073615ba9d60cd941 [^]
Triggers an Emergency PackNo
Summary

0038058: Prevents concurrent sessions for same user not working

DescriptionWith the system configured to allow one session per user. When a second session is opened a confirmation popup is opened to kill previous sessions, if OK is pressed a white page with the following json is shown instead of log in into the backend.

{"showMessage":true,"messageType":"Error","messageTitle":"Please try again.","messageText":"Invalid user name or password."}
Steps To Reproduce1 Configure the openbravo properties to allow only one session per user by changing the property login.limit.user.session value to true.
2 Restart tomcat and log in to the backedn with user Openbravo.
3 On a different browser or hostname try to log in again with user Openbravo.
4 Check that the concurrent session popup is shown but if OK is pressed the white page appears.
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
blocks defect 0038051 closedalostale Prevents concurrent sessions for same user not working 

-  Notes
(0103175)
hgbot (developer)
2018-03-13 07:49

Repository: erp/backports/3.0PR17Q4.2
Changeset: 791535f42c177a6cc20cf8fae3791f46d959b8d1
Author: Asier Lostalé <asier.lostale <at> openbravo.com>
Date: Tue Mar 06 14:10:50 2018 +0100
URL: http://code.openbravo.com/erp/backports/3.0PR17Q4.2/rev/791535f42c177a6cc20cf8fae3791f46d959b8d1 [^]

fixed bug 38058: prevents concurrent sessions for same user not working

  When login.limit.user.session is enabled, only one session per named user is
  allowed. In case there is another session for the same user that's currently
  logging in, a confirmation message appears to tell the user other session will
  be cancelled.

  After confirmation, login should be completed, but it failed displaying a blank
  page.

  The problem was caused because instead of resending a POST request to complete
  login, a GET without param values was sent to LoginHandler.

  Now it is fixed, in case of accepeted confirmation diagog, login will be sent
  again.

---
M src/org/openbravo/base/secureApp/LoginHandler.java
M src/org/openbravo/erpCommon/security/Login.html
M web/js/login.js
M web/js/utils.js
---
(0103184)
caristu (developer)
2018-03-13 11:27

Code reviewed + tested OK.

- Issue History
Date Modified Username Field Change
2018-03-06 14:05 alostale Type defect => backport
2018-03-06 14:05 alostale Target Version => 3.0PR17Q4.2
2018-03-13 07:49 hgbot Checkin
2018-03-13 07:49 hgbot Note Added: 0103175
2018-03-13 07:49 hgbot Status scheduled => resolved
2018-03-13 07:49 hgbot Resolution open => fixed
2018-03-13 07:49 hgbot Fixed in SCM revision => http://code.openbravo.com/erp/backports/3.0PR17Q4.2/rev/791535f42c177a6cc20cf8fae3791f46d959b8d1 [^]
2018-03-13 11:27 caristu Note Added: 0103184
2018-03-13 11:27 caristu Status resolved => closed
2018-03-13 11:27 caristu Fixed in Version => 3.0PR17Q4.2


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker