ofbiz-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jacques Le Roux (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (OFBIZ-9206) Login and logout process in demos shows a certificate issue
Date Fri, 24 Feb 2017 21:01:44 GMT

     [ https://issues.apache.org/jira/browse/OFBIZ-9206?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Jacques Le Roux updated OFBIZ-9206:
-----------------------------------
    Attachment: OFBIZ-9206.patch

OK, it was an easy fix, I just imported
bq. <SystemProperty systemPropertyId="port.https" systemResourceId="url" systemPropertyValue=""/>
in trunk demo and all work perfectly.

I also tried to replace locally
port.https=8443
by
port.https=
in url.properties (w/o SystemProperty) and did not face any issue but with portOffset. This
is due to the WebSiteProperties class works and there is also an easy fix: don't add twice
the portOffset when it's build from the request, and only then. Keep it as is when it's build
from a WebSite GenericValue. We then trust the user and don't rely on the request.

I attach a patch for your tests before I commit and backport and change the demo links.

In this patch I also removed the deprecated RequestHandler.getDefaultServerRootUrl() I think
it was time...

> Login and logout process in demos shows a certificate issue
> -----------------------------------------------------------
>
>                 Key: OFBIZ-9206
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-9206
>             Project: OFBiz
>          Issue Type: Bug
>          Components: Demo
>            Reporter: Jacques Le Roux
>            Assignee: Jacques Le Roux
>            Priority: Minor
>         Attachments: OFBIZ-9206.patch
>
>
> When, from the site main page http://ofbiz.apache.org/, you get to the demos depending
on browser (tested on Windows 7) you get some issues:
> * FF
> ** Management Apps: OK
> ** Ecommerce: OK
> * Chrome (Management Apps or Ecommerce)
> ** stable: OK
> ** old: KO - If you copy the URL by hand it works, and after even from the main page
it works.
> ** trunk: OK
> * IE, same than Chrome
> If, from any browser, you logout from Management Apps you get a certificate issue. Actually
as we use HSTS the browsers protect us from any 3rd party intrusions... Same issue when login
in.
> So it seems we have a certificate issue after OFBIZ-7928 and INFRA-11960. Maybe it's
due to how OFBiz redirects when login in or login out because, so far, only the login page
is concerned...



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message