ofbiz-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jacques Le Roux (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (OFBIZ-9206) Login and logout process in demos shows a certificate issue
Date Fri, 24 Feb 2017 21:01:44 GMT

     [ https://issues.apache.org/jira/browse/OFBIZ-9206?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Jacques Le Roux updated OFBIZ-9206:
    Attachment: OFBIZ-9206.patch

OK, it was an easy fix, I just imported
bq. <SystemProperty systemPropertyId="port.https" systemResourceId="url" systemPropertyValue=""/>
in trunk demo and all work perfectly.

I also tried to replace locally
in url.properties (w/o SystemProperty) and did not face any issue but with portOffset. This
is due to the WebSiteProperties class works and there is also an easy fix: don't add twice
the portOffset when it's build from the request, and only then. Keep it as is when it's build
from a WebSite GenericValue. We then trust the user and don't rely on the request.

I attach a patch for your tests before I commit and backport and change the demo links.

In this patch I also removed the deprecated RequestHandler.getDefaultServerRootUrl() I think
it was time...

> Login and logout process in demos shows a certificate issue
> -----------------------------------------------------------
>                 Key: OFBIZ-9206
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-9206
>             Project: OFBiz
>          Issue Type: Bug
>          Components: Demo
>            Reporter: Jacques Le Roux
>            Assignee: Jacques Le Roux
>            Priority: Minor
>         Attachments: OFBIZ-9206.patch
> When, from the site main page http://ofbiz.apache.org/, you get to the demos depending
on browser (tested on Windows 7) you get some issues:
> * FF
> ** Management Apps: OK
> ** Ecommerce: OK
> * Chrome (Management Apps or Ecommerce)
> ** stable: OK
> ** old: KO - If you copy the URL by hand it works, and after even from the main page
it works.
> ** trunk: OK
> * IE, same than Chrome
> If, from any browser, you logout from Management Apps you get a certificate issue. Actually
as we use HSTS the browsers protect us from any 3rd party intrusions... Same issue when login
> So it seems we have a certificate issue after OFBIZ-7928 and INFRA-11960. Maybe it's
due to how OFBiz redirects when login in or login out because, so far, only the login page
is concerned...

This message was sent by Atlassian JIRA

View raw message