Anonymous | Login
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[Openbravo ERP] A. Platformmajoralways2019-01-10 16:332019-03-28 14:55
ReporterfranciscoView Statuspublic 
Assigned Toalostale 
PriorityhighResolutionfixedFixed in Version3.0PR19Q2
StatusclosedFix in branchFixed in SCM revision9a417375877c
ProjectionnoneETAnoneTarget Version
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned Tocaristu
Web browser
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo

0039919: A change of Password leaves a session as Active in BackOffice

DescriptionWhen a user changes his password in the login window because it had expired, an active session is created and never terminated.

It can be seen from the screenshot attached.

The only way to close it is killing the process manually
Steps To Reproduce1. Set "Days To Password Expiration" = 1 in 'Client' window
2. Login with a user different from Openbravo and logout
3. Login to BackOffice with Openbravo user and check in 'Session' window that the previous session is not active (This is OK)
4. After one day, when the password expires, the user is requested to change the password. Proceed to change the password
5. Login as Openbravo user and check the "active sessions" in the 'Session' window. There are two sessions active for the user that just changed the password.(Should be just one).
6. Logout as the previous user different from Openbravo.
7. Check again with Openbravo user the "active sessions". There is still one session open for the user who has changed his/her password.
TagsNo tags attached.
Attached Filespng file icon Selection_099.png [^] (21,962 bytes) 2019-01-10 16:33

- Relationships Relation Graph ] Dependency Graph ]
related to feature request 0031796 closedjonibc Extend functionality with the option to define a day limit for the password to be changed 

-  Notes
hgbot (developer)
2019-01-11 10:04

Repository: erp/devel/pi
Changeset: 9a417375877cb68a766ffba5303f7639f8254f29
Author: Asier Lostalé <asier.lostale <at>>
Date: Fri Jan 11 09:54:50 2019 +0100
URL: [^]

fixed bug 39919: session leaked after password reset from login window

  When password was detected to be expired in login process a new active session
  was created, after resetting the password, this session was leaked and a new
  one was created.

  Now login process creates an inactive failed session when password is expired.

M src/org/openbravo/authentication/
M src/org/openbravo/authentication/basic/
caristu (developer)
2019-01-11 13:25

Code reviewed + tested OK.
hudsonbot (developer)
2019-03-28 14:55

A changeset related to this issue has been promoted main and to the
Central Repository, after passing a series of tests.

Promotion changeset: [^]
Maturity status: Test

- Issue History
Date Modified Username Field Change
2019-01-10 16:33 francisco New Issue
2019-01-10 16:33 francisco Assigned To => platform
2019-01-10 16:33 francisco File Added: Selection_099.png
2019-01-10 16:33 francisco Modules => Core
2019-01-10 16:33 francisco Triggers an Emergency Pack => No
2019-01-10 17:01 eugeni Issue Monitored: eugeni
2019-01-11 09:50 alostale Summary A change of Password leave a session as Active in BackOffice => A change of Password leaves a session as Active in BackOffice
2019-01-11 09:50 alostale Description Updated View Revisions
2019-01-11 09:50 alostale Review Assigned To => caristu
2019-01-11 09:51 alostale Assigned To platform => alostale
2019-01-11 10:04 hgbot Checkin
2019-01-11 10:04 hgbot Note Added: 0108921
2019-01-11 10:04 hgbot Status new => resolved
2019-01-11 10:04 hgbot Resolution open => fixed
2019-01-11 10:04 hgbot Fixed in SCM revision => [^]
2019-01-11 10:06 alostale Relationship added related to 0031796
2019-01-11 13:25 caristu Note Added: 0108927
2019-01-11 13:25 caristu Status resolved => closed
2019-01-11 13:25 caristu Fixed in Version => 3.0PR19Q2
2019-03-28 14:55 hudsonbot Checkin
2019-03-28 14:55 hudsonbot Note Added: 0110719

Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker