Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0009249
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[Openbravo ERP] C. Securityminoralways2009-06-01 05:512009-07-16 17:55
ReportereintelauView Statuspublic 
Assigned Tomtaal 
PrioritynormalResolutionout of dateFixed in Version
StatusclosedFix in branchpiFixed in SCM revisionec6df6099183
ProjectionnoneETAnoneTarget Version
OSLinux 32 bitDatabasePostgreSQLJava version1.6
OS Version5.2Database version8.3Ant version1.7
Product VersionpiSCM revision3933:ec9676d0f32c 
Review Assigned To
Web browser
ModulesCore
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0009249: LAM Authentication Manager doesn't set OBContext

DescriptionThe LAM Authentication Manager does not initialise OBContext when a user is authenticated. This results in NullPointerExceptions when processing later requests.
Steps To Reproduce1) Setup & enable LAM Authentication
2) Try to logon
Proposed SolutionInitialise OBContext in LAM Auth Manager the same as the Default Auth Manager does
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]

-  Notes
(0016778)
hgbot (developer)
2009-06-01 05:55

 Repository: erp/devel/pi
Changeset: c28006936476f9fd3163f3688b8844870994e488
Author: Ben Sommerville <ben.sommerville <at> eintel.com.au>
Date: Mon Jun 01 13:53:45 2009 +1000
URL: http://code.openbravo.com/erp/devel/pi/rev/c28006936476f9fd3163f3688b8844870994e488 [^]

Fixes issue 9249: Initialise OBContext in LAMAuthenticationManager

---
M src/org/openbravo/authentication/lam/LamAuthenticationManager.java
---
(0016833)
hgbot (developer)
2009-06-02 06:30

 Repository: erp/devel/pi
Changeset: ec6df60991831f01333f8e6ae389cb58dcd5d03d
Author: Ben Sommerville <ben.sommerville <at> eintel.com.au>
Date: Tue Jun 02 14:29:19 2009 +1000
URL: http://code.openbravo.com/erp/devel/pi/rev/ec6df60991831f01333f8e6ae389cb58dcd5d03d [^]

Re issue 9249: Set #Authenticated_user session attribute before initialising OBContext

---
M src/org/openbravo/authentication/lam/LamAuthenticationManager.java
---
(0016893)
mtaal (manager)
2009-06-02 22:53

 Hi,
After some more checking I think the following changes are required:
1) the OBContext should have a static OBContext available for the 0 user. This context can be used if no context is yet available and admin read mode is required. This is needed in the HttpSecureAppServlet just before:
          if (strWarehouse == null) {
            if (!strRole.equals("0")) {
2) in LoginUtils.fillSessionArguments(...) the real OBContext should be used.
3) The OBContext assumes that the session attribute #AUTHENTICATED_USER is set. I am not sure if this session attribute is outdated or not. When looking at LoginUtils.fillSessionArguments(....) it seems that #AD_User_ID needs to be used.

With the above changes the authentication managers do not need to know about the OBContext.

Re-opening issue and assigning it to me to make the necessary changes.

gr. Martin
(0016894)
mtaal (manager)
2009-06-02 22:53

 See previous comment.

gr. Martin
(0016895)
mtaal (manager)
2009-06-02 22:54

 Link to forum topic which discusses this topic:
http://forge.openbravo.com/plugins/espforum/view.php?group_id=100&forumid=549512&topicid=6995397&page=1 [^]
(0016928)
eintelau (developer)
2009-06-04 02:05

 Martin,

Those fixes are much better than handling the OBContext separately in each AuthenticationManager. My fix was a quick patch to get around the immediate problem, happy to see it removed in favour of a more general solution

regards
Ben Sommerville.
(0016965)
mtaal (manager)
2009-06-04 23:34

 Hi Ben,
I committed the changes in this commit:
https://code.openbravo.com/erp/devel/pi/rev/ffed97de08a4 [^]

Can you check/validate that I did not break anything in the LamAuthenticationManager?

Thanks!

gr. Martin
(0017168)
mtaal (manager)
2009-06-10 11:50

 Hi Ben,
Did you have time to look at the changes/solution?

gr. Martin
(0017770)
mtaal (manager)
2009-07-03 10:38

 No feedback received, closing this issue

- Issue History
Date Modified Username Field Change
2009-06-01 05:51 eintelau New Issue
2009-06-01 05:51 eintelau Assigned To => rafaroda
2009-06-01 05:55 hgbot Checkin
2009-06-01 05:55 hgbot Note Added: 0016778
2009-06-01 05:55 hgbot Status new => resolved
2009-06-01 05:55 hgbot Resolution open => fixed
2009-06-01 05:55 hgbot Fixed in SCM revision => http://code.openbravo.com/erp/devel/pi/rev/c28006936476f9fd3163f3688b8844870994e488 [^]
2009-06-02 06:30 hgbot Checkin
2009-06-02 06:30 hgbot Note Added: 0016833
2009-06-02 06:30 hgbot Fixed in SCM revision http://code.openbravo.com/erp/devel/pi/rev/c28006936476f9fd3163f3688b8844870994e488 [^] => http://code.openbravo.com/erp/devel/pi/rev/ec6df60991831f01333f8e6ae389cb58dcd5d03d [^]
2009-06-02 22:53 mtaal Note Added: 0016893
2009-06-02 22:53 mtaal Assigned To rafaroda => mtaal
2009-06-02 22:53 mtaal Status resolved => new
2009-06-02 22:53 mtaal Resolution fixed => open
2009-06-02 22:53 mtaal Note Added: 0016894
2009-06-02 22:54 mtaal Note Added: 0016895
2009-06-04 02:05 eintelau Note Added: 0016928
2009-06-04 23:34 mtaal Note Added: 0016965
2009-06-05 13:14 psarobe Status new => scheduled
2009-06-05 13:14 psarobe fix_in_branch => pi
2009-06-10 11:50 mtaal Note Added: 0017168
2009-06-10 11:50 mtaal Status scheduled => feedback
2009-07-03 10:38 mtaal Status feedback => closed
2009-07-03 10:38 mtaal Note Added: 0017770
2009-07-03 10:38 mtaal Resolution open => out of date
2009-07-16 17:55 anonymous sf_bug_id 0 => 2822553

Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker