ofbiz-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rohit Koushal (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (OFBIZ-9240) Ecommerce login/logout don't work properly for trunk and stable and even old
Date Mon, 21 Aug 2017 12:31:00 GMT

    [ https://issues.apache.org/jira/browse/OFBIZ-9240?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16135102#comment-16135102
] 

Rohit Koushal commented on OFBIZ-9240:
--------------------------------------

Hi [~jacques.le.roux].

I spent some time on this ticket and found, the sequencing order of ControlFilter and ContextFilter
is causing this problem. I  tried to swap the order in case ecommerce but changing the sequence
will not work because other filters(like ContentUrlFilter,  CatalogUrlFilter) depends on the
context prepared by ContextFilter.

The issue is like when we are doing chaining of request using request-redirect than one request
attribute(_FORWARDED_FROM_SERVLET_) set to TRUE from ControlServlet. In case of ecommerce
ContextFilter run before ControlFilter which copies all the attribute from parent request
to redirect request and when execution reaches the ControlFilter for the redirect request
than request will fail to hit the servlet due to the code present at line 126(ControlFilter.java).

To fix this problem I removed the code which copies all the attribute from parent request
to redirect request because this thing is already taken care in the RequestHandler.

I am attaching the patch please review and let me know if you have any issue.

Also here I would like to thanks [~jacopoc] for discussing the problem and finalizing the
fix.



> Ecommerce login/logout don't work properly for trunk and stable and even old
> ----------------------------------------------------------------------------
>
>                 Key: OFBIZ-9240
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-9240
>             Project: OFBiz
>          Issue Type: Bug
>          Components: ecommerce
>    Affects Versions: Release Branch 14.12, Trunk, Release Branch 15.12, Release Branch
16.11
>            Reporter: Jacques Le Roux
>
> Here are the tests I did and their results.  I did not consider R14/15 because of OFBIZ-9235
> h5. On demos before fixing OFBIZ-9206 and using ofbiz-vm2 direct access
> h6. ecomseo trunk and stable (R16)
> # Get to https://demo-trunk.ofbiz.apache.org/ecomseo/ or https://demo-stable.ofbiz.apache.org/ecomseo/
> # login => main page logged in
> # logout => main page, not logged in
> # login => main page logged in
> # Use the "Not you" link => 404
> # Refresh (F5 key)  get you to the main page, not logged in
> So it works almost correctly but you need a refresh (F5 key) for the "Not you" link,
not sure why yet.
> It"s the same locally with OFBIZ-9206 fixed*, w/ or w/o portoffset
> h6. ecommerce trunk and stable (R16)
> # Get to https://ofbiz-vm2.apache.org:8443/ecommerce or https://ofbiz-vm2.apache.org:18443/ecommerce
> # login => blank page (no 404 in access log)
> # Refresh (F5 key)  get you to the main page, logged in
> # logout => blank page (no 404 in access log)
> # Refresh (F5 key)  get you to the main page, not logged in
> # login => blank page (no 404 in access log)
> # Refresh (F5 key)  get you to the main page, logged in
> # use the "Not you" link => blank page (no 404 in access log)
> # Refresh (F5 key)  get you to the main page, not logged in
> So it works almost correctly but you need a refresh (F5 key) between in the 3 cases,
not sure why yet.
> It's the same locally *with OFBIZ-9206 fixed*, w/ or w/o portoffset
> h6. Old (R13) on demo (no ecomseo before R14)
> # Get to https://ofbiz-vm2.apache.org:28443/ecommerce
> # login => you need to enter it twice => main page logged in
> # logout => main page, not logged in
> # login  => main page logged in
> # use the "Not you" link => main page, not logged in
> So it "works" but initially you need to enter the credential twice to login
> It's the same locally *with OFBIZ-9206 "fixed" (I'm not yet sure about that, I need to
test on demo)*, w/ or w/o portoffset



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message