ofbiz-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rene Frauli <m...@frauli.de>
Subject Re: Tenant authentication problem in 12.04
Date Wed, 14 Nov 2012 08:36:04 GMT
Hi,

I have created an Issue OFBIZ-5072 for 12.04 in Jira and attached a patch.

Hope that everything is correct with the Issue, it's my first one for OFBiz.

Rene


Am 13.11.12 07:14, schrieb Jacques Le Roux:
> Hi,
>
> Could you please provide a patch in a Jira?
> https://cwiki.apache.org/confluence/display/OFBADMIN/OFBiz+Contributors+Best+Practices
>
> Jacques
>
> From: "Rene Frauli" <mail@frauli.de>
>> Hello,
>>
>> In 12.04 the LoginWorker method "setWebContextObjects" object doesn't
>> store the delegator, dispatcher, security and the authz in the session
>> only in the request.
>>
>> The effect is that the session for the tenant is not correct and the
>> tenant cannot be used at all with strange effects. For e.g. data are
>> stored with the default delegator.
>>
>> In comparison with the related method in 11.04 if have added the missing
>> lines see below and now the tenant is working correctly again.
>>
>>
>> private static void setWebContextObjects(HttpServletRequest request,
>> HttpServletResponse response, Delegator delegator, LocalDispatcher
>> dispatcher) {
>>          HttpSession session = request.getSession();
>>          // NOTE: we do NOT want to set this in the servletContext, only
>> in the request and session
>>          // We also need to setup the security and authz objects since
>> they are dependent on the delegator
>>          Security security = null;
>>          try {
>>              security = SecurityFactory.getInstance(delegator);
>>          } catch (SecurityConfigurationException e) {
>>              Debug.logError(e, module);
>>          }
>>          Authorization authz = null;
>>          try {
>>              authz = AuthorizationFactory.getInstance(delegator);
>>          } catch (SecurityConfigurationException e) {
>>              Debug.logError(e, module);
>>          }
>>
>>          session.setAttribute("delegatorName",
>> delegator.getDelegatorName());
>>
>>          request.setAttribute("delegator", delegator);
>>
>> //Missing in 12.04
>>          session.setAttribute("delegator", delegator);
>>
>>          request.setAttribute("dispatcher", dispatcher);
>>
>> /Missing 12.04
>>          session.setAttribute("dispatcher", dispatcher);
>>
>>          request.setAttribute("security", security);
>>
>> //Missing 12.04
>>          session.setAttribute("security", security);
>>
>>          request.setAttribute("authz", authz);
>>
>> //Missing 12.04
>>          session.setAttribute("authz", authz);
>>
>>          // get rid of the visit info since it was pointing to the
>> previous database, and get a new one
>>          session.removeAttribute("visitor");
>>          session.removeAttribute("visit");
>>          VisitHandler.getVisitor(request, response);
>>          VisitHandler.getVisit(session);
>>      }
>>
>> Regards
>> Rene
>>
>>
>



Mime
View raw message