Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0004327
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[Openbravo ERP] C. Securitymajoralways2008-07-04 15:272008-09-04 12:06
ReporterroklenardicView Statuspublic 
Assigned Toalostale 
PriorityhighResolutionfixedFixed in Version2.40
StatusclosedFix in branchFixed in SCM revision6647
ProjectionnoneETAnoneTarget Version
OSLinux 32 bitDatabaseOracleJava version1.6
OS VersionUbuntu 8.04Database versionXE 10gAnt version1.7.0
Product Version2.40alpha-r3SCM revision 
Review Assigned To
Web browser
ModulesCore
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0004327: Session Timeout

DescriptionWithin the web.xml there is a setting
  <session-config>
    <session-timeout>60</session-timeout>
  </session-config>

which should set the authenticated session to expire after 60minutes.
I set that to 1 (yes, the one in WEB-INF context folder) to test if it does expire and could not get it to expire. no kind of inactivity expired the session.

Am I doing something wrong or is it a bug?
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
related to feature request 0004500 newdbaz Alert check time is hardcoded 
has duplicate defect 0004359 closedcromero session timeout 
related to defect 0007173 closedshuehner AJAX calls are not taken into account as "activity" into the application 

-  Notes
(0008396)
cromero (reporter)
2008-07-23 22:37

The problem is due alerts are throwing each 50 seconds a consult to db in order to update if there are new alerts.

Modifying the alert update time (now it is hardcoded in the menu.html file) to a value bigger than session timeout time, the timeout time will be effective.
(0008399)
alostale (manager)
2008-07-24 10:25

Once defect 0004500 is fixed, this bug would have an easy workarround (the one mentioned by cromero).

Anyway the solution for this one should make the alert checks not to reset the session timer.
(0008424)
svnbot (reporter)
2008-07-29 16:39

Repository: openbravo
Revision: 6029
Author: gorka_gil
Date: 2008-07-29 16:39:03 +0200 (Tue, 29 Jul 2008)

Fixed issue 4327 Now, alerts don't reset the session timeout

---
A branches/sessiontimeout/src-core/src/org/openbravo/utils/SessionExpirationFilter.java
U branches/sessiontimeout/src-wad/src/org/openbravo/wad/web.xml
---

https://dev.openbravo.com/websvn/openbravo/?rev=6029&sc=1 [^]
(0008735)
svnbot (reporter)
2008-08-25 18:46

Repository: openbravo
Revision: 6546
Author: gorka_gil
Date: 2008-08-25 18:46:40 +0200 (Mon, 25 Aug 2008)

[r2.40] Related to issue 4327 fix session timeout in branch r2.40

---
U branches/r2.40/src-wad/src/org/openbravo/wad/web.xml
---

https://dev.openbravo.com/websvn/openbravo/?rev=6546&sc=1 [^]
(0008736)
svnbot (reporter)
2008-08-25 18:48

Repository: openbravo
Revision: 6547
Author: gorka_gil
Date: 2008-08-25 18:48:00 +0200 (Mon, 25 Aug 2008)

[r2.40] Related to issue 4327 fix session timeout in branch r2.40

---
A branches/r2.40/src-core/src/org/openbravo/utils/SessionExpirationFilter.java
---

https://dev.openbravo.com/websvn/openbravo/?rev=6547&sc=1 [^]
(0008779)
svnbot (reporter)
2008-08-29 10:59

Repository: openbravo
Revision: 6647
Author: gorka_gil
Date: 2008-08-29 10:59:37 +0200 (Fri, 29 Aug 2008)

Fixed bug 4327 fix session timeout

---
A trunk/src-core/src/org/openbravo/utils/SessionExpirationFilter.java
U trunk/src-wad/src/org/openbravo/wad/web.xml
---

https://dev.openbravo.com/websvn/openbravo/?rev=6647&sc=1 [^]

- Issue History
Date Modified Username Field Change
2008-07-04 15:27 roklenardic New Issue
2008-07-04 15:27 roklenardic Assigned To => cromero
2008-07-04 15:27 roklenardic sf_bug_id 0 => 2010648
2008-07-07 09:52 cromero Status new => scheduled
2008-07-07 09:52 cromero Assigned To cromero => alostale
2008-07-07 09:52 cromero fix_in_branch => trunk
2008-07-09 17:22 cromero Relationship added has duplicate 0004359
2008-07-22 18:36 pjuvara Severity minor => major
2008-07-22 18:36 pjuvara fix_in_branch trunk =>
2008-07-22 18:42 pjuvara Priority normal => high
2008-07-23 22:37 cromero Note Added: 0008396
2008-07-24 10:23 alostale Relationship added related to 0004500
2008-07-24 10:25 alostale Note Added: 0008399
2008-07-29 16:39 svnbot Checkin
2008-07-29 16:39 svnbot Note Added: 0008424
2008-07-29 16:39 svnbot Status scheduled => resolved
2008-07-29 16:39 svnbot Resolution open => fixed
2008-07-29 16:39 svnbot svn_revision => 6029
2008-08-25 18:46 svnbot Checkin
2008-08-25 18:46 svnbot Note Added: 0008735
2008-08-25 18:46 svnbot svn_revision 6029 => 6546
2008-08-25 18:48 svnbot Checkin
2008-08-25 18:48 svnbot Note Added: 0008736
2008-08-25 18:48 svnbot svn_revision 6546 => 6547
2008-08-29 10:59 svnbot Checkin
2008-08-29 10:59 svnbot Note Added: 0008779
2008-08-29 10:59 svnbot svn_revision 6547 => 6647
2008-09-04 12:06 psarobe Regression testing => No
2008-09-04 12:06 psarobe Status resolved => closed
2008-09-04 12:06 psarobe Fixed in Version => 2.40
2009-01-27 22:17 dbaz Relationship added related to 0007173


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker