Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||||||
| ID | ||||||||||||
| 0049411 | ||||||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||||||
| defect | [Openbravo ERP] A. Platform | minor | have not tried | 2022-05-25 13:14 | 2022-11-21 07:02 | |||||||
| Reporter | caristu | View Status | public | |||||||||
| Assigned To | guillermogil | |||||||||||
| Priority | high | Resolution | open | Fixed in Version | ||||||||
| Status | scheduled | Fix in branch | Fixed in SCM revision | |||||||||
| Projection | none | ETA | none | Target Version | ||||||||
| OS | Any | Database | Any | Java version | ||||||||
| OS Version | Database version | Ant version | ||||||||||
| Product Version | SCM revision | |||||||||||
| Review Assigned To | ||||||||||||
| Web browser | ||||||||||||
| Modules | Core | |||||||||||
| Regression level | ||||||||||||
| Regression date | ||||||||||||
| Regression introduced in release | ||||||||||||
| Regression introduced by commit | ||||||||||||
| Triggers an Emergency Pack | No | |||||||||||
| Summary | 0049411: Password expiration is not checked in the web service authentication flow | |||||||||||
| Description | Password expiration is not checked in the default web service authentication flow | |||||||||||
| Steps To Reproduce | 1) Go to the user window and mark the "Expired Password" flag for a user 2) Execute a web service call, using the crendentials of the user changed in step 1), for example to: <server_url>/openbravo/ws/dal/Country. ERROR: the user is authorized and the WS request is completed although the user password is expired | |||||||||||
| Proposed Solution | Add a password expiration check in the DefaultAuthenticationManager.webServiceAuthenticate method in the same way that it is done for the standard login[1] [1] https://gitlab.com/openbravo/product/openbravo/-/blob/master/src/org/openbravo/authentication/basic/DefaultAuthenticationManager.java#L153 [^] | |||||||||||
| Tags | No tags attached. | |||||||||||
| Attached Files | ||||||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
|||||||||||||||
|
|||||||||||||||
 Relationships |
|
Notes |
|
|
(0143840) hgbot (developer) 2022-11-18 17:39 |
Merge Request created: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/771 [^] |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2022-05-25 13:14 | caristu | New Issue | |
| 2022-05-25 13:14 | caristu | Assigned To | => Triage Platform Base |
| 2022-05-25 13:14 | caristu | Modules | => Core |
| 2022-05-25 13:14 | caristu | Triggers an Emergency Pack | => No |
| 2022-05-25 13:16 | caristu | Steps to Reproduce Updated | View Revisions |
| 2022-05-25 13:19 | caristu | Proposed Solution updated | |
| 2022-05-25 13:20 | caristu | Description Updated | View Revisions |
| 2022-05-25 13:22 | caristu | Proposed Solution updated | |
| 2022-05-25 13:23 | caristu | Proposed Solution updated | |
| 2022-05-25 13:29 | caristu | Relationship added | related to 0032285 |
| 2022-05-25 13:29 | caristu | Relationship added | related to 0031796 |
| 2022-06-23 12:46 | shuehner | Issue Monitored: shuehner | |
| 2022-11-15 06:56 | guillermogil | Status | new => acknowledged |
| 2022-11-18 17:39 | hgbot | Note Added: 0143840 | |
| 2022-11-21 07:02 | guillermogil | Status | acknowledged => scheduled |
| 2022-11-21 07:02 | guillermogil | Assigned To | Triage Platform Base => guillermogil |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |