Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0047257 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| backport | [POS2] POS | critical | have not tried | 2021-06-28 10:50 | 2021-06-28 15:31 | |||
| Reporter | cberner | View Status | public | |||||
| Assigned To | cberner | |||||||
| Priority | high | Resolution | fixed | Fixed in Version | TAP | |||
| Status | closed | Fix in branch | Fixed in SCM revision | |||||
| Projection | none | ETA | none | Target Version | TAP | |||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | SCM revision | |||||||
| Review Assigned To | caristu | |||||||
| Regression level | ||||||||
| Regression date | ||||||||
| Regression introduced in release | ||||||||
| Regression introduced by commit | ||||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0047257: Profile change invalidates current session, requiring log-in again | |||||||
| Description | When changing profile, the session is invalidated, making it impossible to switch profile or pay tickets without relogging. It is not possible to switch back to the previous profile either, without relogging. This makes profile button/feature useless, as it requires marking by default a profile, instead of using the expected switch to x profile, as expected. In backend when the profile changes this is the message that appears in tomcat log: 2021-06-28 10:39:38,095 [http-nio-8080-exec-1] ERROR org.openbravo.mobile.core.process.MobileService - CSRF token check failed. Request=/openbravo/org.openbravo.mobile.core.service.jsonrest/org.openbravo.retail.posterminal.OrderLoader, SessionID=A0A04E29ED22683F1153877A5C1CAED7, SessionToken=3F503F025D9D40629D3BFDC99098FDD5, RequestToken=8FB1701AE7E14C48B6D25C88F2E8E4A7 | |||||||
| Steps To Reproduce | 1. Open and login in WebPOS 2. Click on user and Profile, change it to something else 3. Try to pay a ticket, or opening profile popup again. (it will fail with a similar error as in attached screenshot) You may reproduce it in livebuilds: https://livebuilds.openbravo.com/retail_pos2_pgsql/web/pos/?terminal=VBS-2 [^] | |||||||
| Tags | No tags attached. | |||||||
| Attached Files | ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
||||||||
|
||||||||
 Relationships |
|
Notes |
|
|
(0129858) cberner (developer) 2021-06-28 15:30 |
MR created here: https://gitlab.com/obcustomers/AGAP/org.openbravo.core2/-/merge_requests/35 [^] |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2021-06-28 13:11 | cberner | Type | defect => backport |
| 2021-06-28 13:11 | cberner | Target Version | => TAP |
| 2021-06-28 15:30 | cberner | Note Added: 0129858 | |
| 2021-06-28 15:30 | cberner | Status | scheduled => resolved |
| 2021-06-28 15:30 | cberner | Fixed in Version | => TAP |
| 2021-06-28 15:30 | cberner | Resolution | open => fixed |
| 2021-06-28 15:31 | cberner | Review Assigned To | => caristu |
| 2021-06-28 15:31 | cberner | Status | resolved => closed |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |