|View Issue Details|
|Type||Category||Severity||Reproducibility||Date Submitted||Last Update|
|defect||[Openbravo ERP] A. Platform||major||always||2019-01-10 16:33||2019-03-28 14:55|
|Priority||high||Resolution||fixed||Fixed in Version||3.0PR19Q2|
|Status||closed||Fix in branch||Fixed in SCM revision||9a417375877c|
|OS Version||Database version||Ant version|
|Product Version||SCM revision|
|Review Assigned To||caristu|
|Regression introduced in release|
|Regression introduced by commit|
|Triggers an Emergency Pack||No|
0039919: A change of Password leaves a session as Active in BackOffice
|Description||When a user changes his password in the login window because it had expired, an active session is created and never terminated.|
It can be seen from the screenshot attached.
The only way to close it is killing the process manually
|Steps To Reproduce||1. Set "Days To Password Expiration" = 1 in 'Client' window|
2. Login with a user different from Openbravo and logout
3. Login to BackOffice with Openbravo user and check in 'Session' window that the previous session is not active (This is OK)
4. After one day, when the password expires, the user is requested to change the password. Proceed to change the password
5. Login as Openbravo user and check the "active sessions" in the 'Session' window. There are two sessions active for the user that just changed the password.(Should be just one).
6. Logout as the previous user different from Openbravo.
7. Check again with Openbravo user the "active sessions". There is still one session open for the user who has changed his/her password.
|Tags||No tags attached.|
|Attached Files|| Selection_099.png [^] (21,962 bytes) 2019-01-10 16:33
Author: Asier Lostalé <asier.lostale <at> openbravo.com>
Date: Fri Jan 11 09:54:50 2019 +0100
URL: http://code.openbravo.com/erp/devel/pi/rev/9a417375877cb68a766ffba5303f7639f8254f29 [^]
fixed bug 39919: session leaked after password reset from login window
When password was detected to be expired in login process a new active session
was created, after resetting the password, this session was leaked and a new
one was created.
Now login process creates an inactive failed session when password is expired.
|Code reviewed + tested OK.|
A changeset related to this issue has been promoted main and to the
Central Repository, after passing a series of tests.
Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/b2fbc1588df4 [^]
Maturity status: Test
|2019-01-10 16:33||francisco||New Issue|
|2019-01-10 16:33||francisco||Assigned To||=> platform|
|2019-01-10 16:33||francisco||File Added: Selection_099.png|
|2019-01-10 16:33||francisco||Modules||=> Core|
|2019-01-10 16:33||francisco||Triggers an Emergency Pack||=> No|
|2019-01-10 17:01||eugeni||Issue Monitored: eugeni|
|2019-01-11 09:50||alostale||Summary||A change of Password leave a session as Active in BackOffice => A change of Password leaves a session as Active in BackOffice|
|2019-01-11 09:50||alostale||Description Updated||View Revisions|
|2019-01-11 09:50||alostale||Review Assigned To||=> caristu|
|2019-01-11 09:51||alostale||Assigned To||platform => alostale|
|2019-01-11 10:04||hgbot||Note Added: 0108921|
|2019-01-11 10:04||hgbot||Status||new => resolved|
|2019-01-11 10:04||hgbot||Resolution||open => fixed|
|2019-01-11 10:04||hgbot||Fixed in SCM revision||=> http://code.openbravo.com/erp/devel/pi/rev/9a417375877cb68a766ffba5303f7639f8254f29 [^]|
|2019-01-11 10:06||alostale||Relationship added||related to 0031796|
|2019-01-11 13:25||caristu||Note Added: 0108927|
|2019-01-11 13:25||caristu||Status||resolved => closed|
|2019-01-11 13:25||caristu||Fixed in Version||=> 3.0PR19Q2|
|2019-03-28 14:55||hudsonbot||Note Added: 0110719|
|Copyright © 2000 - 2009 MantisBT Group|