[jira] [Updated] (OFBIZ-9206) Login and logout process in demo backends (Management Apps) shows a certificate issue

Wed, 01 Mar 2017 10:06:04 -0800 

     [ 
https://issues.apache.org/jira/browse/OFBIZ-9206?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jacques Le Roux updated OFBIZ-9206:
-----------------------------------
    Attachment: console.log-trunk.txt.zip
                access_log-trunk.txt

Fixed in trunk at r1784930.

But this is very dissapointing because unlike locally (cf OFBIZ-9240login out 
shows a 404 page with ecomseo and a blank page for ecommerce.

It's even incomprehensible for me so far. For instance have a look at those 
simplifiedf snippets from access and console logs:
{code}
[01/Mar/2017:15:23:55 +0000] "GET /ecomseo/ HTTP/1.1" 200 105021 "-"
[01/Mar/2017:15:23:56 +0000] "GET /content/contentForum.css HTTP/1.1" 302 - 
"https://demo-trunk.ofbiz.apache.org/ecomseo/additem";
[01/Mar/2017:15:23:56 +0000] "POST /ecomseo/additem HTTP/1.1" 200 111589 
"https://demo-trunk.ofbiz.apache.org/ecomseo/";
[01/Mar/2017:15:23:56 +0000] "GET /content/control/main HTTP/1.1" 200 8946 
"https://demo-trunk.ofbiz.apache.org/ecomseo/additem";
[01/Mar/2017:15:23:58 +0000] "GET /ecomseo/quickcheckout HTTP/1.1" 200 10396 
"https://demo-trunk.ofbiz.apache.org/ecomseo/additem";
[01/Mar/2017:15:23:58 +0000] "GET /content/contentForum.css HTTP/1.1" 302 - 
"https://demo-trunk.ofbiz.apache.org/ecomseo/quickcheckout";
[01/Mar/2017:15:23:58 +0000] "GET /content/control/main HTTP/1.1" 200 8946 
"https://demo-trunk.ofbiz.apache.org/ecomseo/quickcheckout";
[01/Mar/2017:15:24:05 +0000] "POST /ecomseo/login HTTP/1.1" 302 - 
"https://demo-trunk.ofbiz.apache.org/ecomseo/quickcheckout";
[01/Mar/2017:15:24:05 +0000] "GET /ecomseo/quickcheckout HTTP/1.1" 200 28992 
"https://demo-trunk.ofbiz.apache.org/ecomseo/quickcheckout";
[01/Mar/2017:15:24:05 +0000] "GET /content/contentForum.css HTTP/1.1" 302 - 
"https://demo-trunk.ofbiz.apache.org/ecomseo/quickcheckout";
[01/Mar/2017:15:24:05 +0000] "GET /content/control/main HTTP/1.1" 200 8946 
"https://demo-trunk.ofbiz.apache.org/ecomseo/quickcheckout";
[01/Mar/2017:15:24:12 +0000] "GET /ecomseo/logout HTTP/1.1" 302 - 
"https://demo-trunk.ofbiz.apache.org/ecomseo/quickcheckout";
[01/Mar/2017:15:24:12 +0000] "GET /ecomseo/ HTTP/1.1" 404 236 
"https://demo-trunk.ofbiz.apache.org/ecomseo/quickcheckout";
{code}

{code}
2017-03-01 15:23:55,147 |ajp-nio-8009-exec-1  |ControlServlet                
|T| [[[main(Domain:https://demo-trunk.ofbiz.apache.org)] Request Done- 
total:1.671,since last([main(Domain:http...):1.671]]
2017-03-01 15:23:55,147 |ajp-nio-8009-exec-1  |SeoContextFilter              
|W| [Filtered request]: /ecomseo/
2017-03-01 15:23:55,592 |http-nio-8443-exec-8 |ControlEventListener          
|I| Creating session:  hidden sessionId by default.
2017-03-01 15:23:55,592 |http-nio-8443-exec-8 |ControlServlet                
|T| [[[setSessionTimeZone(Domain:https://demo-trunk-ofbiz.apache.org)] Request 
Begun, encoding=[UTF-8]- total:0.0,since last(Begin):0.0]]
[...]
2017-03-01 15:24:12,759 |ajp-nio-8009-exec-8  |ControlServlet                
|T| [[[logout(Domain:https://demo-trunk.ofbiz.apache.org)] Request Done- 
total:0.021,since last([logout(Domain:ht...):0.021]]
2017-03-01 15:24:12,834 |ajp-nio-8009-exec-10 |SeoContextFilter              
|I| Can NOT forward this url: /ecomseo/
{code}


Have a look at console.log-trunk.txt.zip and access_log-trunk.txt for more.

Anyway this should not block us to use a certificate. So I'll also commit 
stable and will work on OFBIZ-9240 locally to try to understand they underlying 
reason which seems to lay in SeoContextFilter class. I have tried to tweak 
SeoConfig.xml w/o results.

> Login and logout process in demo backends (Management Apps) shows a 
> certificate issue
> -------------------------------------------------------------------------------------
>
>                 Key: OFBIZ-9206
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-9206
>             Project: OFBiz
>          Issue Type: Bug
>          Components: Demo
>            Reporter: Jacques Le Roux
>            Assignee: Jacques Le Roux
>            Priority: Minor
>         Attachments: access_log-trunk.txt, console.log-trunk.txt.zip, 
> OFBIZ-9206.patch, ofbiz-vm2.apache.org.yaml
>
>
> When, from the site main page http://ofbiz.apache.org/, you get to the demos 
> depending on browser (tested on Windows 7) you get some issues:
> * FF
> ** Management Apps: OK
> ** Ecommerce: OK
> * Chrome (Management Apps or Ecommerce)
> ** stable: OK
> ** old: KO - If you copy the URL by hand it works, and after even from the 
> main page it works.
> ** trunk: OK
> * IE, same than Chrome
> If, from any browser, you logout from Management Apps you get a certificate 
> issue. Actually as we use HSTS the browsers protect us from any 3rd party 
> intrusions... Same issue when login in.
> So it seems we have a certificate issue after OFBIZ-7928 and INFRA-11960. 
> Maybe it's due to how OFBiz redirects when login in or login out because, so 
> far, only the login page is concerned...



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to