[jira] [Commented] (OFBIZ-10666) User's name is displayed on ecommerce even after user logs out

Sun, 13 Jan 2019 20:41:44 -0800 


    [ 
https://issues.apache.org/jira/browse/OFBIZ-10666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16741761#comment-16741761
 ] 

Deepak Nigam commented on OFBIZ-10666:
--------------------------------------

Thanks for the detailed research [~jacques.le.roux]. 

I have already tried by removing getMaxAge() from 
LoginWorker.getAutoUserLoginId() and setMaxAge(0). Even after setting the max 
age 0 I was getting the auto-login cookie from the cookies array inside 
LoginWorker.getAutoUserLoginId() method. It means the above statement "If a 
cookie has expired, the browser does not send that particular cookie to the 
server with the page request; instead, the expired cookie is deleted." is not 
100% correct.

So, if we remove the getMaxAge() check from the condition, then the issue 
reported in this ticket will come again.




> User's name is displayed on ecommerce even after user logs out
> --------------------------------------------------------------
>
>                 Key: OFBIZ-10666
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-10666
>             Project: OFBiz
>          Issue Type: Bug
>          Components: ecommerce
>    Affects Versions: Trunk
>            Reporter: Arpit Mor
>            Assignee: Jacques Le Roux
>            Priority: Major
>             Fix For: 17.12.01, 16.11.06
>
>         Attachments: 1-OpenURL.png, 2-LoggedIn.png, 3-LoggedOut.png, 
> 4-NotYou.png, OFBIZ-10666.patch
>
>
> Steps to regenerate:
>  # Open URL: [https://demo-trunk.ofbiz.apache.org/ecommerce/control/main]. 
> Welcome is displayed and user's name is not displayed when URL is opened. 
> (Please refer attachment: 1-OpenURL)
>  # Login at ecommerce by clicking on login and entering Username: "admin" and 
> Password: "ofbiz". Username will be displayed after user logs in. (Please 
> refer attachment: 2-LoggedIn)
>  # Logout of ecommerce by clicking on logout. User will be logged out and 
> login link will be displayed in place of logout link, but the name of user is 
> still displayed. (Please refer attachment: 3-LoggedOut)
> Actual: Username is still displayed after user logs out
>  
> Expected: Username should not be displayed after the user logs out
>  
> Note: Similar issue also exists when the user clicks on (Not You? Click Here) 
> link. (Please refer attachment: 4-NotYou)



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to