[
https://issues.apache.org/jira/browse/OFBIZ-4256?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13028834#comment-13028834
]
Sascha Rodekamp commented on OFBIZ-4256:
----------------------------------------
Hey Adrian when setting auth to false every user (if logged in or not) can
directly call the lookup (i.e.
https://localhost:8443/example/control/LookupGeoName) and can see the data
which a presented in the lookup. I would not recommend that :-)
Some month ago i implement a redirect if the session is timed out. The user
will be directed to the "normal" login page. That works in my local copy.
So it's interesting which version you use @Wai.
Maybe there is an improvement for my first solution, i'll check that.
> after session timeout, ajax popup dialogbox shows ofbiz login screen
> --------------------------------------------------------------------
>
> Key: OFBIZ-4256
> URL: https://issues.apache.org/jira/browse/OFBIZ-4256
> Project: OFBiz
> Issue Type: Bug
> Components: ALL APPLICATIONS
> Affects Versions: SVN trunk
> Reporter: Wai
> Assignee: Sascha Rodekamp
>
> Take the following page (for example)
> https://localhost/content/control/findContent
> field "Data Resource Id" has an icon beside it that creates an ajax dialog
> pop up. If the session has already timed out. The dialog box would show the
> login screen.
> I suspect that all pages containing this functionality would exhibit the same
> symptom.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
