details: https://code.openbravo.com/erp/devel/pi/rev/6ead95cef7ec
changeset: 24707:6ead95cef7ec
user: Martin Taal <martin.taal <at> openbravo.com>
date: Fri Sep 26 18:17:10 2014 +0200
summary: Related to issue 27248: added request url to warning message, made
specific methods private
Made specific static methods private as there is no use for them being
protected and
would just increase the api.
diffstat:
modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelServlet.java
| 16 ++++++---
1 files changed, 10 insertions(+), 6 deletions(-)
diffs (52 lines):
diff -r f5caad158261 -r 6ead95cef7ec
modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelServlet.java
---
a/modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelServlet.java
Fri Sep 26 15:55:41 2014 +0200
+++
b/modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/KernelServlet.java
Fri Sep 26 18:17:10 2014 +0200
@@ -84,8 +84,7 @@
// the inc and dec by passauthentication count must be synchronized
// and static, there might be multiple kernelservlets and multiple threads
// may use the same kernelservlet
- // TODO: synchronize on the session object instead of on a static
- protected static synchronized void
incBypassAuthenticationCount(HttpServletRequest request) {
+ private static synchronized void
incBypassAuthenticationCount(HttpServletRequest request) {
HttpSession session = request.getSession(true);
OBContext context = OBContext.getOBContext();
boolean sessionForThisRequest = context == null
@@ -106,13 +105,16 @@
count += 1;
}
session.setAttribute("forcedSessionsRequestCount", count);
- log.warn("The KernelServlet should not be used for unauthenticated
access, this functionality is deprecated, "
+ log.warn("The KernelServlet should not be used for unauthenticated
access (this request url: "
+ + request.getRequestURL()
+ + "). This functionality is deprecated, "
+ "use 'org.openbravo.mobile.core' instead of
'org.openbravo.client.kernel'; "
+ "see this issue https://issues.openbravo.com/view.php?id=27248 for
more information");
}
}
- protected static synchronized void decBypassAuthenticationCount(HttpSession
session) {
+ private static synchronized void decBypassAuthenticationCount(HttpSession
session,
+ HttpServletRequest request) {
if (session != null && "Y".equals(session.getAttribute("forceLogin"))) {
Integer count = (Integer)
session.getAttribute("forcedSessionsRequestCount");
count = (count != null ? count : 0) - 1;
@@ -123,7 +125,9 @@
} else {
session.setAttribute("forcedSessionsRequestCount", count);
}
- log.warn("The KernelServlet should not be used for unauthenticated
access, this functionality is deprecated, "
+ log.warn("The KernelServlet should not be used for unauthenticated
access (this request url: "
+ + request.getRequestURL()
+ + "). This functionality is deprecated, "
+ "use 'org.openbravo.mobile.core' instead of
'org.openbravo.client.kernel'; "
+ "see this issue https://issues.openbravo.com/view.php?id=27248 for
more information");
}
@@ -161,7 +165,7 @@
if (bypassAuthentication) {
HttpSession session = request.getSession(false);
- decBypassAuthenticationCount(session);
+ decBypassAuthenticationCount(session, request);
}
}
------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
Openbravo-commits mailing list
Openbravo-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openbravo-commits
