[
https://issues.apache.org/jira/browse/OFBIZ-1717?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12581444#action_12581444
]
David E. Jones commented on OFBIZ-1717:
---------------------------------------
This is a good catch Bilgin. The previous code circumvented the security stuff,
which is no good at all!
This fix looks like the proper way to go about it.
> main screens are visible w/o authentication
> -------------------------------------------
>
> Key: OFBIZ-1717
> URL: https://issues.apache.org/jira/browse/OFBIZ-1717
> Project: OFBiz
> Issue Type: Bug
> Components: ALL COMPONENTS
> Affects Versions: SVN trunk
> Reporter: Bilgin Ibryam
> Fix For: SVN trunk
>
> Attachments: 1717.patch
>
>
> Go to the login screen of a component (not webtools).
> Instead of entering the username and password, change the language or time
> zone.
> After you choose the language the request goes to the main view and you can
> see the main screen w/o any authentication.
> Changing the responses to main request instead of main view fixes the bug.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
