Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0009249
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[Openbravo ERP] C. Securityminoralways2009-06-01 05:512009-07-16 17:55
ReportereintelauView Statuspublic 
Assigned Tomtaal 
PrioritynormalResolutionout of dateFixed in Version
StatusclosedFix in branchpiFixed in SCM revisionec6df6099183
ProjectionnoneETAnoneTarget Version
OSLinux 32 bitDatabasePostgreSQLJava version1.6
OS Version5.2Database version8.3Ant version1.7
Product VersionpiSCM revision3933:ec9676d0f32c 
Merge Request Status
Review Assigned To
OBNetwork customerNo
Web browser
ModulesCore
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0009249: LAM Authentication Manager doesn't set OBContext

DescriptionThe LAM Authentication Manager does not initialise OBContext when a user is authenticated. This results in NullPointerExceptions when processing later requests.
Steps To Reproduce1) Setup & enable LAM Authentication
2) Try to logon
Proposed SolutionInitialise OBContext in LAM Auth Manager the same as the Default Auth Manager does
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]

-  Notes
(0016778)
hgbot (developer)
2009-06-01 05:55

 Repository: erp/devel/pi
Changeset: c28006936476f9fd3163f3688b8844870994e488
Author: Ben Sommerville <ben.sommerville <at> eintel.com.au>
Date: Mon Jun 01 13:53:45 2009 +1000
URL: http://code.openbravo.com/erp/devel/pi/rev/c28006936476f9fd3163f3688b8844870994e488 [^]

Fixes issue 9249: Initialise OBContext in LAMAuthenticationManager

---
M src/org/openbravo/authentication/lam/LamAuthenticationManager.java
---
(0016833)
hgbot (developer)
2009-06-02 06:30

 Repository: erp/devel/pi
Changeset: ec6df60991831f01333f8e6ae389cb58dcd5d03d
Author: Ben Sommerville <ben.sommerville <at> eintel.com.au>
Date: Tue Jun 02 14:29:19 2009 +1000
URL: http://code.openbravo.com/erp/devel/pi/rev/ec6df60991831f01333f8e6ae389cb58dcd5d03d [^]

Re issue 9249: Set #Authenticated_user session attribute before initialising OBContext

---
M src/org/openbravo/authentication/lam/LamAuthenticationManager.java
---
(0016893)
mtaal (viewer)
2009-06-02 22:53

 Hi,
After some more checking I think the following changes are required:
1) the OBContext should have a static OBContext available for the 0 user. This context can be used if no context is yet available and admin read mode is required. This is needed in the HttpSecureAppServlet just before:
          if (strWarehouse == null) {
            if (!strRole.equals("0")) {
2) in LoginUtils.fillSessionArguments(...) the real OBContext should be used.
3) The OBContext assumes that the session attribute #AUTHENTICATED_USER is set. I am not sure if this session attribute is outdated or not. When looking at LoginUtils.fillSessionArguments(....) it seems that #AD_User_ID needs to be used.

With the above changes the authentication managers do not need to know about the OBContext.

Re-opening issue and assigning it to me to make the necessary changes.

gr. Martin
(0016894)
mtaal (viewer)
2009-06-02 22:53

 See previous comment.

gr. Martin
(0016895)
mtaal (viewer)
2009-06-02 22:54

 Link to forum topic which discusses this topic:
http://forge.openbravo.com/plugins/espforum/view.php?group_id=100&forumid=549512&topicid=6995397&page=1 [^]
(0016928)
eintelau (viewer)
2009-06-04 02:05

 Martin,

Those fixes are much better than handling the OBContext separately in each AuthenticationManager. My fix was a quick patch to get around the immediate problem, happy to see it removed in favour of a more general solution

regards
Ben Sommerville.
(0016965)
mtaal (viewer)
2009-06-04 23:34

 Hi Ben,
I committed the changes in this commit:
https://code.openbravo.com/erp/devel/pi/rev/ffed97de08a4 [^]

Can you check/validate that I did not break anything in the LamAuthenticationManager?

Thanks!

gr. Martin
(0017168)
mtaal (viewer)
2009-06-10 11:50

 Hi Ben,
Did you have time to look at the changes/solution?

gr. Martin
(0017770)
mtaal (viewer)
2009-07-03 10:38

 No feedback received, closing this issue

- Issue History
Date Modified Username Field Change
2009-06-01 05:51 eintelau New Issue
2009-06-01 05:51 eintelau Assigned To => rafaroda
2009-06-01 05:55 hgbot Checkin
2009-06-01 05:55 hgbot Note Added: 0016778
2009-06-01 05:55 hgbot Status new => resolved
2009-06-01 05:55 hgbot Resolution open => fixed
2009-06-01 05:55 hgbot Fixed in SCM revision => http://code.openbravo.com/erp/devel/pi/rev/c28006936476f9fd3163f3688b8844870994e488 [^]
2009-06-02 06:30 hgbot Checkin
2009-06-02 06:30 hgbot Note Added: 0016833
2009-06-02 06:30 hgbot Fixed in SCM revision http://code.openbravo.com/erp/devel/pi/rev/c28006936476f9fd3163f3688b8844870994e488 [^] => http://code.openbravo.com/erp/devel/pi/rev/ec6df60991831f01333f8e6ae389cb58dcd5d03d [^]
2009-06-02 22:53 mtaal Note Added: 0016893
2009-06-02 22:53 mtaal Assigned To rafaroda => mtaal
2009-06-02 22:53 mtaal Status resolved => new
2009-06-02 22:53 mtaal Resolution fixed => open
2009-06-02 22:53 mtaal Note Added: 0016894
2009-06-02 22:54 mtaal Note Added: 0016895
2009-06-04 02:05 eintelau Note Added: 0016928
2009-06-04 23:34 mtaal Note Added: 0016965
2009-06-05 13:14 psarobe Status new => scheduled
2009-06-05 13:14 psarobe fix_in_branch => pi
2009-06-10 11:50 mtaal Note Added: 0017168
2009-06-10 11:50 mtaal Status scheduled => feedback
2009-07-03 10:38 mtaal Status feedback => closed
2009-07-03 10:38 mtaal Note Added: 0017770
2009-07-03 10:38 mtaal Resolution open => out of date
2009-07-16 17:55 anonymous sf_bug_id 0 => 2822553

Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker