Project:
View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
ID | ||||||||
0038566 | ||||||||
Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
defect | [Openbravo ERP] A. Platform | major | always | 2018-05-16 17:31 | 2018-05-25 14:08 | |||
Reporter | gorkaion | View Status | public | |||||
Assigned To | caristu | |||||||
Priority | immediate | Resolution | fixed | Fixed in Version | 3.0PR18Q3 | |||
Status | closed | Fix in branch | Fixed in SCM revision | 1fe924480aa8 | ||||
Projection | none | ETA | none | Target Version | ||||
OS | Any | Database | Any | Java version | ||||
OS Version | Database version | Ant version | ||||||
Product Version | SCM revision | |||||||
Review Assigned To | alostale | |||||||
Web browser | ||||||||
Modules | Core | |||||||
Regression level | Production - Confirmed Stable | |||||||
Regression date | 2017-05-30 | |||||||
Regression introduced in release | 3.0PR17Q3 | |||||||
Regression introduced by commit | https://code.openbravo.com/erp/devel/pi/rev/624c1fa5299c [^] | |||||||
Triggers an Emergency Pack | No | |||||||
Summary | 0038566: Autologon and AuthenticationManagers using SSO not working | |||||||
Description | If you configure an application to use the Autologon Authentication Manager the application is always redirected to the Login page. The issue is in the index.jsp file. It is retrieving the AD_SESSION_ID parameter and, if it is not set, it redirects to the login page. That value is set by the Autologon and other SSO AM later when the authenticate method is executed. So these AM are always redirected to the login page. | |||||||
Steps To Reproduce | Configure the Openbravo.properties to use Autologon AM: authentication.class=org.openbravo.authentication.basic.AutologonAuthenticationManager authentication.autologon.username=Openbravo compile and try to access the application | |||||||
Proposed Solution | Proposed solution is to create a new method in the AuthenticationManager to determine if the AM is using a SSO login or not. In case of using SSO it should not redirect to the login as the session will be created in the authenticate method. If finally an authentication is needed the authenticate method should redirect to the login page. | |||||||
Tags | No tags attached. | |||||||
Attached Files | ||||||||
Relationships [ Relation Graph ] [ Dependency Graph ] | |||||||||||||||||||||||||||||
|
Notes | |
(0104677) hgbot (developer) 2018-05-24 17:49 |
Repository: erp/devel/pi Changeset: 1fe924480aa8f9bf2bf332886c0b6be4446ef528 Author: Carlos Aristu <carlos.aristu <at> openbravo.com> Date: Thu May 24 17:36:11 2018 +0200 URL: http://code.openbravo.com/erp/devel/pi/rev/1fe924480aa8f9bf2bf332886c0b6be4446ef528 [^] fixes issue 38566: Allow to skip the login page redirection done in index.jsp After the fix for issue 0030031, it was not possible to login in Openbravo by using the authentication retrieved with an external login page. This is because in the index.jsp we first check if the DB session has been created and if not, a redirect to the login page is done. This was breaking the flow where the authentication is performed externally and then a redirection with the result is done to directly access Openbravo, because in that case the DB session does not exists yet causing the redirection to the login page instead of granting the access into the application. To fix this problem a new method called useExternalLoginPage() has been added to the AuthenticationManager class. It should be overridden by the subclasses that want to avoid the redirection if the DB session is not still present when trying to access into the application. --- M src/index.jsp M src/org/openbravo/authentication/AuthenticationManager.java M src/org/openbravo/authentication/basic/AutologonAuthenticationManager.java --- |
(0104678) hgbot (developer) 2018-05-24 17:55 |
Repository: erp/devel/pi Changeset: 09fceaed318cd50cc5cbd13874dfb2d939209817 Author: Carlos Aristu <carlos.aristu <at> openbravo.com> Date: Thu May 24 17:55:25 2018 +0200 URL: http://code.openbravo.com/erp/devel/pi/rev/09fceaed318cd50cc5cbd13874dfb2d939209817 [^] related to issue 38566: remove wrong javadoc text --- M src/org/openbravo/authentication/AuthenticationManager.java --- |
(0104679) hgbot (developer) 2018-05-24 18:06 |
Repository: erp/devel/pi Changeset: 790cab5288426edeb6728b07cc00ac8a38e44f08 Author: Carlos Aristu <carlos.aristu <at> openbravo.com> Date: Thu May 24 18:06:07 2018 +0200 URL: http://code.openbravo.com/erp/devel/pi/rev/790cab5288426edeb6728b07cc00ac8a38e44f08 [^] related to issue 38566: fix javadoc + copyright year --- M src/org/openbravo/authentication/AuthenticationManager.java M src/org/openbravo/authentication/basic/AutologonAuthenticationManager.java --- |
(0104694) alostale (manager) 2018-05-25 09:25 |
Reviewed + tested. Added a note to documentation: http://wiki.openbravo.com/wiki/Authentication#Develop_your_own_Authentication_Manager [^] |
(0104717) hudsonbot (developer) 2018-05-25 14:08 |
A changeset related to this issue has been promoted main and to the Central Repository, after passing a series of tests. Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/608c319c941f [^] Maturity status: Test |
(0104718) hudsonbot (developer) 2018-05-25 14:08 |
A changeset related to this issue has been promoted main and to the Central Repository, after passing a series of tests. Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/608c319c941f [^] Maturity status: Test |
(0104719) hudsonbot (developer) 2018-05-25 14:08 |
A changeset related to this issue has been promoted main and to the Central Repository, after passing a series of tests. Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/608c319c941f [^] Maturity status: Test |
Issue History | |||
Date Modified | Username | Field | Change |
2018-05-16 17:31 | gorkaion | New Issue | |
2018-05-16 17:31 | gorkaion | Assigned To | => platform |
2018-05-16 17:31 | gorkaion | Modules | => Core |
2018-05-16 17:31 | gorkaion | Resolution time | => 1528236000 |
2018-05-16 17:31 | gorkaion | Regression level | => Production - Confirmed Stable |
2018-05-16 17:31 | gorkaion | Regression date | => 2017-05-30 |
2018-05-16 17:31 | gorkaion | Regression introduced in release | => 3.0PR17Q3 |
2018-05-16 17:31 | gorkaion | Regression introduced by commit | => https://code.openbravo.com/erp/devel/pi/rev/624c1fa5299c [^] |
2018-05-16 17:31 | gorkaion | Triggers an Emergency Pack | => No |
2018-05-18 09:48 | alostale | Relationship added | related to 0038580 |
2018-05-24 14:07 | caristu | Status | new => scheduled |
2018-05-24 14:07 | caristu | Assigned To | platform => caristu |
2018-05-24 17:49 | hgbot | Checkin | |
2018-05-24 17:49 | hgbot | Note Added: 0104677 | |
2018-05-24 17:49 | hgbot | Status | scheduled => resolved |
2018-05-24 17:49 | hgbot | Resolution | open => fixed |
2018-05-24 17:49 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/devel/pi/rev/1fe924480aa8f9bf2bf332886c0b6be4446ef528 [^] |
2018-05-24 17:50 | caristu | Relationship added | caused by 0030031 |
2018-05-24 17:55 | hgbot | Checkin | |
2018-05-24 17:55 | hgbot | Note Added: 0104678 | |
2018-05-24 18:06 | hgbot | Checkin | |
2018-05-24 18:06 | hgbot | Note Added: 0104679 | |
2018-05-25 09:25 | alostale | Review Assigned To | => alostale |
2018-05-25 09:25 | alostale | Note Added: 0104694 | |
2018-05-25 09:25 | alostale | Status | resolved => closed |
2018-05-25 09:25 | alostale | Fixed in Version | => 3.0PR18Q3 |
2018-05-25 14:08 | hudsonbot | Checkin | |
2018-05-25 14:08 | hudsonbot | Note Added: 0104717 | |
2018-05-25 14:08 | hudsonbot | Checkin | |
2018-05-25 14:08 | hudsonbot | Note Added: 0104718 | |
2018-05-25 14:08 | hudsonbot | Checkin | |
2018-05-25 14:08 | hudsonbot | Note Added: 0104719 |
Copyright © 2000 - 2009 MantisBT Group |