[jira] [Commented] (OFBIZ-11683) Humanres tree right-click pop-up menu allows existing OU to be added again
[ https://issues.apache.org/jira/browse/OFBIZ-11683?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17282252#comment-17282252 ] Sebastian Berg commented on OFBIZ-11683: I will look into this. > Humanres tree right-click pop-up menu allows existing OU to be added again > -- > > Key: OFBIZ-11683 > URL: https://issues.apache.org/jira/browse/OFBIZ-11683 > Project: OFBiz > Issue Type: Bug > Components: humanres >Affects Versions: Release Branch 18.12, Release Branch 17.12, Trunk >Reporter: Pierre Smits >Assignee: Sebastian Berg >Priority: Major > Labels: usability > Attachments: Screen Shot 2020-05-09 at 22.02.48.png, Screen Shot > 2020-05-09 at 22.03.09.png, Screen Shot 2020-05-09 at 22.03.25.png > > > When on the main page, the user right-clicks on an organisation or > organisation unit (OU) to add an new subordinate organisation unit, an > existing OU can be added again. > See attached images. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Assigned] (OFBIZ-11683) Humanres tree right-click pop-up menu allows existing OU to be added again
[ https://issues.apache.org/jira/browse/OFBIZ-11683?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sebastian Berg reassigned OFBIZ-11683: -- Assignee: Sebastian Berg > Humanres tree right-click pop-up menu allows existing OU to be added again > -- > > Key: OFBIZ-11683 > URL: https://issues.apache.org/jira/browse/OFBIZ-11683 > Project: OFBiz > Issue Type: Bug > Components: humanres >Affects Versions: Release Branch 18.12, Release Branch 17.12, Trunk >Reporter: Pierre Smits >Assignee: Sebastian Berg >Priority: Major > Labels: usability > Attachments: Screen Shot 2020-05-09 at 22.02.48.png, Screen Shot > 2020-05-09 at 22.03.09.png, Screen Shot 2020-05-09 at 22.03.25.png > > > When on the main page, the user right-clicks on an organisation or > organisation unit (OU) to add an new subordinate organisation unit, an > existing OU can be added again. > See attached images. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[GitHub] [ofbiz-framework] sonarcloud[bot] commented on pull request #270: Improved: Switch from jCenter to mavenCentral to handle the jCenter shutdown (OFBIZ-12171)
sonarcloud[bot] commented on pull request #270: URL: https://github.com/apache/ofbiz-framework/pull/270#issuecomment-776331662 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=270=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=270=false=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=270=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=270=false=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=270=false=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=270=false=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=270=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=270=false=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=270=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=270=false=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=270=false=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=270=false=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=270) No Coverage information [](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=270=duplicated_lines_density=list) No Duplication information This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [ofbiz-plugins] sonarcloud[bot] commented on pull request #53: Improved: Switch from jCenter to mavenCentral to handle the jCenter shutdown (OFBIZ-12171)
sonarcloud[bot] commented on pull request #53: URL: https://github.com/apache/ofbiz-plugins/pull/53#issuecomment-776330636 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=53=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=53=false=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=53=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=53=false=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=53=false=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=53=false=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-plugins=53=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-plugins=53=false=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-plugins=53=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=53=false=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=53=false=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=53=false=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_ofbiz-plugins=53) No Coverage information [](https://sonarcloud.io/component_measures?id=apache_ofbiz-plugins=53=duplicated_lines_density=list) No Duplication information This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (OFBIZ-12171) Handling the JCenter shutdown
[ https://issues.apache.org/jira/browse/OFBIZ-12171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17282123#comment-17282123 ] Michael Brohl commented on OFBIZ-12171: --- Pull requests are available now, see links. > Handling the JCenter shutdown > - > > Key: OFBIZ-12171 > URL: https://issues.apache.org/jira/browse/OFBIZ-12171 > Project: OFBiz > Issue Type: Improvement > Components: ALL APPLICATIONS, ALL COMPONENTS, ALL PLUGINS >Affects Versions: Release Branch 18.12, Trunk, 17.12.05 >Reporter: Michael Brohl >Assignee: Michael Brohl >Priority: Major > > Citing Taher's message at [2]: > Hello Everyone, > > I received emails and checked resources [1] that seem to confirm JCenter from > JFrog is going down and that the last day of operation for the repository is > going to be May 1st 2021. > > This is a big deal as many running instances will crash unless updated, so > not only do future versions of OFBiz need to adapt, but also existing > installations. > > I'm not sure how to best handle this? Especially for production instances out > there on older versions of OFBiz. Maybe one solution is to host the existing > libraries in some temporary location or try to migrate them to MavenCentral > ... Whatever is the solution I think we should make a fast move. > > [1] > [https://jfrog.com/blog/into-the-sunset-bintray-jcenter-gocenter-and-chartcenter] > > [https://www.infoq.com/news/2021/02/jfrog-jcenter-bintray-closure] > [2] > [https://lists.apache.org/thread.html/rf8e883ca8b90d51ad9d6d48c46f8f1fcc1cb82cce802daeeab0b910a%40%3Cdev.ofbiz.apache.org%3E] > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[GitHub] [ofbiz-framework] mbrohl opened a new pull request #270: Improved: Switch from jCenter to mavenCentral to handle the jCenter shutdown (OFBIZ-12171)
mbrohl opened a new pull request #270: URL: https://github.com/apache/ofbiz-framework/pull/270 This has to be applied in synch with the framework pull request with the same title. https://github.com/apache/ofbiz-plugins/pull/53 This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [ofbiz-plugins] mbrohl opened a new pull request #53: Improved: Switch from jCenter to mavenCentral to handle the jCenter shutdown (OFBIZ-12171)
mbrohl opened a new pull request #53: URL: https://github.com/apache/ofbiz-plugins/pull/53 This has to be applied in synch with the framework pull request with the same title. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (OFBIZ-12171) Handling the JCenter shutdown
[ https://issues.apache.org/jira/browse/OFBIZ-12171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17282107#comment-17282107 ] Michael Brohl commented on OFBIZ-12171: --- I think I have it now solved. I had to find a newer ldap util implementation and change the code to use the changed API. It's the same project but it has been changed from org.jasig.cas to org.apereo.cas. I have chosen the lowest version available because newer releases need jdk11+. Is there anyone who uses the Ldap implementation and could test it? I will provide two PR's tomorrow (one for framework and one for plugins) who should be applied together to make it work. If the community approves this I would take the next step and work out the changes for r17.12 and r18.12. > Handling the JCenter shutdown > - > > Key: OFBIZ-12171 > URL: https://issues.apache.org/jira/browse/OFBIZ-12171 > Project: OFBiz > Issue Type: Improvement > Components: ALL APPLICATIONS, ALL COMPONENTS, ALL PLUGINS >Affects Versions: Release Branch 18.12, Trunk, 17.12.05 >Reporter: Michael Brohl >Assignee: Michael Brohl >Priority: Major > > Citing Taher's message at [2]: > Hello Everyone, > > I received emails and checked resources [1] that seem to confirm JCenter from > JFrog is going down and that the last day of operation for the repository is > going to be May 1st 2021. > > This is a big deal as many running instances will crash unless updated, so > not only do future versions of OFBiz need to adapt, but also existing > installations. > > I'm not sure how to best handle this? Especially for production instances out > there on older versions of OFBiz. Maybe one solution is to host the existing > libraries in some temporary location or try to migrate them to MavenCentral > ... Whatever is the solution I think we should make a fast move. > > [1] > [https://jfrog.com/blog/into-the-sunset-bintray-jcenter-gocenter-and-chartcenter] > > [https://www.infoq.com/news/2021/02/jfrog-jcenter-bintray-closure] > [2] > [https://lists.apache.org/thread.html/rf8e883ca8b90d51ad9d6d48c46f8f1fcc1cb82cce802daeeab0b910a%40%3Cdev.ofbiz.apache.org%3E] > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Comment Edited] (OFBIZ-12170) All Links Redirect to An IP Address
[ https://issues.apache.org/jira/browse/OFBIZ-12170?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17282084#comment-17282084 ] Christen Erika Johnson edited comment on OFBIZ-12170 at 2/9/21, 10:51 PM: -- Can you list the things you want to know about. I sent you an email earlier with what I thought was important. so maybe you can be more specific about what configurations you are asking about? Do you mean the machine? Apache HTTPD? What exactly? was (Author: johnchr): Can you list the things you want to know about. I sent you an email earlier with what I thought was important. so maybe you can be more specific about what configurations you are asking about? Do you mean machine? Apache HTTPD? What exactly? > All Links Redirect to An IP Address > --- > > Key: OFBIZ-12170 > URL: https://issues.apache.org/jira/browse/OFBIZ-12170 > Project: OFBiz > Issue Type: Task >Affects Versions: 17.12.05 > Environment: CentOS 8 >Reporter: Christen Erika Johnson >Priority: Major > > I have OFBiz set up with a valid URL and it seems as though everything loads > fine. I have my security.properties file correct, my url.properties file is > correct and my start.properties files seem correct. When I click on any link > or the login button I get redirected to an IP address. If I type in the > valid domain and port with the full address, the page will load but it > doesn't send correctly when trying to login, or clicking any links. I tried > adding a redirect to my httpd virtual host and a URL rewrite but neither > worked. What is the issue and how do I fix it? -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-12170) All Links Redirect to An IP Address
[ https://issues.apache.org/jira/browse/OFBIZ-12170?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17282093#comment-17282093 ] Michael Brohl commented on OFBIZ-12170: --- I understand that you are running OFBiz behind an Apache httpd, correct? Please post your Apache httpd virtual host configuration. You also said that there are other virtual hosts configured. Any of them could be responsible for this error. It is extremely difficult to analyze the problem without detailed information - or better - access to the system to analyze the problem. I believe that this is not an OFBiz problem as we are running several OFBiz instances behind an Apache httpd with AJP connection to OFBiz. > All Links Redirect to An IP Address > --- > > Key: OFBIZ-12170 > URL: https://issues.apache.org/jira/browse/OFBIZ-12170 > Project: OFBiz > Issue Type: Task >Affects Versions: 17.12.05 > Environment: CentOS 8 >Reporter: Christen Erika Johnson >Priority: Major > > I have OFBiz set up with a valid URL and it seems as though everything loads > fine. I have my security.properties file correct, my url.properties file is > correct and my start.properties files seem correct. When I click on any link > or the login button I get redirected to an IP address. If I type in the > valid domain and port with the full address, the page will load but it > doesn't send correctly when trying to login, or clicking any links. I tried > adding a redirect to my httpd virtual host and a URL rewrite but neither > worked. What is the issue and how do I fix it? -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-12170) All Links Redirect to An IP Address
[ https://issues.apache.org/jira/browse/OFBIZ-12170?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17282084#comment-17282084 ] Christen Erika Johnson commented on OFBIZ-12170: Can you list the things you want to know about. I sent you an email earlier with what I thought was important. so maybe you can be more specific about what configurations you are asking about? Do you mean machine? Apache HTTPD? What exactly? > All Links Redirect to An IP Address > --- > > Key: OFBIZ-12170 > URL: https://issues.apache.org/jira/browse/OFBIZ-12170 > Project: OFBiz > Issue Type: Task >Affects Versions: 17.12.05 > Environment: CentOS 8 >Reporter: Christen Erika Johnson >Priority: Major > > I have OFBiz set up with a valid URL and it seems as though everything loads > fine. I have my security.properties file correct, my url.properties file is > correct and my start.properties files seem correct. When I click on any link > or the login button I get redirected to an IP address. If I type in the > valid domain and port with the full address, the page will load but it > doesn't send correctly when trying to login, or clicking any links. I tried > adding a redirect to my httpd virtual host and a URL rewrite but neither > worked. What is the issue and how do I fix it? -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Comment Edited] (OFBIZ-12170) All Links Redirect to An IP Address
[ https://issues.apache.org/jira/browse/OFBIZ-12170?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17282066#comment-17282066 ] Christen Erika Johnson edited comment on OFBIZ-12170 at 2/9/21, 10:33 PM: -- I tried that but it didn't work. The issue I am still having is that the html pages are being written with an ip address that I cannot access from my server. What I mean by this is, I can view mydomain.com:8443/webtools but if I click on the login link, it will redirect to an ip address. I can go to mydomain.com:8443/webtools/control/checkLogin and the login page will show, but if I fill in any login information or even just click the login button, it redirects to that same non-hosted ip address. If I visit mydomain.com:8443/ecommerce, the commerce store loads correctly and I can view items but if I try to search for an item or click on any link in the menu, it redirects to the non-hosted ip address. I am looking for a fix that will instead use the mydomain.com:8443 when making request or writing html pages instead of that non-hosted ip address. I tried adding a permanent redirect and I tried a 301 redirect but neither worked. I tried adding an AliasMatch and that didn't work. I don't know what the problem is? was (Author: johnchr): I tried that but it didn't work. The issue I am still having is that the html pages are being written with an ip address that I cannot access from my server. What I mean by this is, I can view mydomain.com:8443/webtools but if I click on the login link, it will redirect to an ip address. I can go to mydomain:8443/webtools/control/checkLogin and the login page will show, but if I fill in any login information or even just click the login button, it redirects to that same non-hosted ip address. If I visit mydomain.com:8443/ecommerce, the commerce store loads correctly and I can view items but if I try to search for an item or click on any link in the menu, it redirects to the non-hosted ip address. I am looking for a fix that will instead use the mydomain.com:8443 when making request or writing html pages instead of that non-hosted ip address. I tried adding a permanent redirect and I tried a 301 redirect but neither worked. I tried adding an AliasMatch and that didn't work. I don't know what the problem is? > All Links Redirect to An IP Address > --- > > Key: OFBIZ-12170 > URL: https://issues.apache.org/jira/browse/OFBIZ-12170 > Project: OFBiz > Issue Type: Task >Affects Versions: 17.12.05 > Environment: CentOS 8 >Reporter: Christen Erika Johnson >Priority: Major > > I have OFBiz set up with a valid URL and it seems as though everything loads > fine. I have my security.properties file correct, my url.properties file is > correct and my start.properties files seem correct. When I click on any link > or the login button I get redirected to an IP address. If I type in the > valid domain and port with the full address, the page will load but it > doesn't send correctly when trying to login, or clicking any links. I tried > adding a redirect to my httpd virtual host and a URL rewrite but neither > worked. What is the issue and how do I fix it? -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-12170) All Links Redirect to An IP Address
[ https://issues.apache.org/jira/browse/OFBIZ-12170?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17282076#comment-17282076 ] Michael Brohl commented on OFBIZ-12170: --- Can you please share your virtualhost configuration (anonymized)? > All Links Redirect to An IP Address > --- > > Key: OFBIZ-12170 > URL: https://issues.apache.org/jira/browse/OFBIZ-12170 > Project: OFBiz > Issue Type: Task >Affects Versions: 17.12.05 > Environment: CentOS 8 >Reporter: Christen Erika Johnson >Priority: Major > > I have OFBiz set up with a valid URL and it seems as though everything loads > fine. I have my security.properties file correct, my url.properties file is > correct and my start.properties files seem correct. When I click on any link > or the login button I get redirected to an IP address. If I type in the > valid domain and port with the full address, the page will load but it > doesn't send correctly when trying to login, or clicking any links. I tried > adding a redirect to my httpd virtual host and a URL rewrite but neither > worked. What is the issue and how do I fix it? -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-12170) All Links Redirect to An IP Address
[ https://issues.apache.org/jira/browse/OFBIZ-12170?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17282066#comment-17282066 ] Christen Erika Johnson commented on OFBIZ-12170: I tried that but it didn't work. The issue I am still having is that the html pages are being written with an ip address that I cannot access from my server. What I mean by this is, I can view mydomain.com:8443/webtools but if I click on the login link, it will redirect to an ip address. I can go to mydomain:8443/webtools/control/checkLogin and the login page will show, but if I fill in any login information or even just click the login button, it redirects to that same non-hosted ip address. If I visit mydomain.com:8443/ecommerce, the commerce store loads correctly and I can view items but if I try to search for an item or click on any link in the menu, it redirects to the non-hosted ip address. I am looking for a fix that will instead use the mydomain.com:8443 when making request or writing html pages instead of that non-hosted ip address. I tried adding a permanent redirect and I tried a 301 redirect but neither worked. I tried adding an AliasMatch and that didn't work. I don't know what the problem is? > All Links Redirect to An IP Address > --- > > Key: OFBIZ-12170 > URL: https://issues.apache.org/jira/browse/OFBIZ-12170 > Project: OFBiz > Issue Type: Task >Affects Versions: 17.12.05 > Environment: CentOS 8 >Reporter: Christen Erika Johnson >Priority: Major > > I have OFBiz set up with a valid URL and it seems as though everything loads > fine. I have my security.properties file correct, my url.properties file is > correct and my start.properties files seem correct. When I click on any link > or the login button I get redirected to an IP address. If I type in the > valid domain and port with the full address, the page will load but it > doesn't send correctly when trying to login, or clicking any links. I tried > adding a redirect to my httpd virtual host and a URL rewrite but neither > worked. What is the issue and how do I fix it? -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-12047) Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages
[ https://issues.apache.org/jira/browse/OFBIZ-12047?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17282059#comment-17282059 ] Michael Brohl commented on OFBIZ-12047: --- I think the list of requests to check should be configurable instead of being hardcoded. > Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages > --- > > Key: OFBIZ-12047 > URL: https://issues.apache.org/jira/browse/OFBIZ-12047 > Project: OFBiz > Issue Type: Bug > Components: framework/webapp >Affects Versions: Release Branch 18.12, Trunk >Reporter: Ingo Könemann >Assignee: Jacques Le Roux >Priority: Minor > Fix For: 18.12.01, Upcoming Branch > > Attachments: RequestHandler.java.patch > > > There is a session attribute called "_PREVIOUS_REQUEST_" used to remember and > execute the previous request after a login occurs. This attribute is not > removed properly when navigating away from a page without logging in. > When navigating to a page that requires authentication the > "_PREVIOUS_REQUEST_" attribute is saved in the session from within the > LoginWorker to be called again when the login was successful through the > RequestHandler. Currently, the attribute is only removed when a login occurs > resulting in the previous request being stored in the session until some form > of login is successfully executed. > This behavior potentially results in navigation problems since a user is able > to navigate to a page requiring authentication without logging in. An old > request will be pulled from the session when a similar event occurs and the > user logs in. > > I propose to have the RequestHandler remove the session attribute > "_PREVIOUS_REQUEST_" after calling a request that does not require > authentication. We also have to restructure the sequence of request handling > to have the "targetRequestUri" handled after the security check and a > possible removal of the session attribute. > > One problem arises with this solution, however, which should be less of an > issue than the current state: > If the login page includes a request call that is handled after the request > showing the login page (for example an ajax call rendering a screen), the > "_PREVIOUS_REQUEST_" attribute will be lost before the login is processed. To > my knowledge such a case does not exist within the OFBiz environment and > seems to be an edge case far less problematic than the above mentioned > problem. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Reopened] (OFBIZ-12047) Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages
[ https://issues.apache.org/jira/browse/OFBIZ-12047?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jacques Le Roux reopened OFBIZ-12047: - Assignee: Jacques Le Roux (was: Michael Brohl) Thanks OLivier, I'll have a look > Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages > --- > > Key: OFBIZ-12047 > URL: https://issues.apache.org/jira/browse/OFBIZ-12047 > Project: OFBiz > Issue Type: Bug > Components: framework/webapp >Affects Versions: Release Branch 18.12, Trunk >Reporter: Ingo Könemann >Assignee: Jacques Le Roux >Priority: Minor > Fix For: 18.12.01, Upcoming Branch > > Attachments: RequestHandler.java.patch > > > There is a session attribute called "_PREVIOUS_REQUEST_" used to remember and > execute the previous request after a login occurs. This attribute is not > removed properly when navigating away from a page without logging in. > When navigating to a page that requires authentication the > "_PREVIOUS_REQUEST_" attribute is saved in the session from within the > LoginWorker to be called again when the login was successful through the > RequestHandler. Currently, the attribute is only removed when a login occurs > resulting in the previous request being stored in the session until some form > of login is successfully executed. > This behavior potentially results in navigation problems since a user is able > to navigate to a page requiring authentication without logging in. An old > request will be pulled from the session when a similar event occurs and the > user logs in. > > I propose to have the RequestHandler remove the session attribute > "_PREVIOUS_REQUEST_" after calling a request that does not require > authentication. We also have to restructure the sequence of request handling > to have the "targetRequestUri" handled after the security check and a > possible removal of the session attribute. > > One problem arises with this solution, however, which should be less of an > issue than the current state: > If the login page includes a request call that is handled after the request > showing the login page (for example an ajax call rendering a screen), the > "_PREVIOUS_REQUEST_" attribute will be lost before the login is processed. To > my knowledge such a case does not exist within the OFBiz environment and > seems to be an edge case far less problematic than the above mentioned > problem. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (OFBIZ-11810) Element link can update partial area
[
https://issues.apache.org/jira/browse/OFBIZ-11810?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nicolas Malin updated OFBIZ-11810:
--
Attachment: OFBIZ-11808-OFBIZ-11810.patch
> Element link can update partial area
>
>
> Key: OFBIZ-11810
> URL: https://issues.apache.org/jira/browse/OFBIZ-11810
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework/widget
>Affects Versions: Trunk
>Reporter: Nicolas Malin
>Priority: Major
> Labels: screen, widget
> Attachments: OFBIZ-11808-OFBIZ-11810.patch
>
>
> Currently when you want to display an information easily on sub-screen
> dynamically (example as related element) is currently not possible without
> write specific js code. A easy step would be add a new link type:
> update-area, to indicate to the theme that we want to refresh after the call
> only a local area.
> {code:xml}
> target-window="detail">
> from-field="productCategory.productCategoryId"/>
>
> {code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[GitHub] [ofbiz-framework] sonarcloud[bot] removed a comment on pull request #267: Improved: Handle remaining checkstyle errors (OFBIZ-12169)
sonarcloud[bot] removed a comment on pull request #267: URL: https://github.com/apache/ofbiz-framework/pull/267#issuecomment-775908730 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=267) No Coverage information [](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=267=duplicated_lines_density=list) No Duplication information This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [ofbiz-framework] sonarcloud[bot] commented on pull request #267: Improved: Handle remaining checkstyle errors (OFBIZ-12169)
sonarcloud[bot] commented on pull request #267: URL: https://github.com/apache/ofbiz-framework/pull/267#issuecomment-775932720 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=267) No Coverage information [](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=267=duplicated_lines_density=list) No Duplication information This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [ofbiz-framework] sonarcloud[bot] removed a comment on pull request #267: Improved: Handle remaining checkstyle errors (OFBIZ-12169)
sonarcloud[bot] removed a comment on pull request #267: URL: https://github.com/apache/ofbiz-framework/pull/267#issuecomment-775853639 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=267) No Coverage information [](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=267=duplicated_lines_density=list) No Duplication information This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [ofbiz-framework] sonarcloud[bot] commented on pull request #267: Improved: Handle remaining checkstyle errors (OFBIZ-12169)
sonarcloud[bot] commented on pull request #267: URL: https://github.com/apache/ofbiz-framework/pull/267#issuecomment-775908730 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=267) No Coverage information [](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=267=duplicated_lines_density=list) No Duplication information This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (OFBIZ-12168) Rename some connoted words like blacklist and whitelist.
[ https://issues.apache.org/jira/browse/OFBIZ-12168?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17281710#comment-17281710 ] Jacques Le Roux commented on OFBIZ-12168: - I did not close in case we decide to change more master words as discussed at https://markmail.org/message/jl4uu72vt2nnt5cb > Rename some connoted words like blacklist and whitelist. > - > > Key: OFBIZ-12168 > URL: https://issues.apache.org/jira/browse/OFBIZ-12168 > Project: OFBiz > Issue Type: Improvement > Components: ALL COMPONENTS >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: Jacques Le Roux >Priority: Major > Fix For: Upcoming Branch > > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[GitHub] [ofbiz-framework] sonarcloud[bot] removed a comment on pull request #267: Improved: Handle remaining checkstyle errors (OFBIZ-12169)
sonarcloud[bot] removed a comment on pull request #267: URL: https://github.com/apache/ofbiz-framework/pull/267#issuecomment-775759557 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=267) No Coverage information [](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=267=duplicated_lines_density=list) No Duplication information This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [ofbiz-framework] sonarcloud[bot] commented on pull request #267: Improved: Handle remaining checkstyle errors (OFBIZ-12169)
sonarcloud[bot] commented on pull request #267: URL: https://github.com/apache/ofbiz-framework/pull/267#issuecomment-775853639 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=267) No Coverage information [](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=267=duplicated_lines_density=list) No Duplication information This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Comment Edited] (OFBIZ-12171) Handling the JCenter shutdown
[
https://issues.apache.org/jira/browse/OFBIZ-12171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17281465#comment-17281465
]
Michael Brohl edited comment on OFBIZ-12171 at 2/9/21, 10:36 AM:
-
I am now able to build OFBiz without jCenter using mavenCentral and additional
repositories hosting artifacts which are not available at mavenCentral.
With one exception for a dependency in the ldap plugin (cas-server) for xmldsig:
{noformat}
A problem occurred evaluating root project 'ofbiz'.
> Could not resolve all files for configuration ':runtimeClasspath'.
> Could not find xmldsig-1.0.jar (javax.xml:xmldsig:1.0).
Searched in the following locations:
https://repo.maven.apache.org/maven2/javax/xml/xmldsig/1.0/xmldsig-1.0.jar{noformat}
Problem here is that the library jar is not available. The upgrade to a newer
cas-server version requires an update of our
OFBizActiveDirectoryAuthenticationHandler code due to API changes.
Work for another day (or night...).
was (Author: mbrohl):
I am now able to build IFBiz without jCenter using mavenCentral and additional
repositories hosting artifacts which are not available at mavenCentral.
With one exception for a dependency in the ldap plugin (cas-server) for xmldsig:
{noformat}
A problem occurred evaluating root project 'ofbiz'.
> Could not resolve all files for configuration ':runtimeClasspath'.
> Could not find xmldsig-1.0.jar (javax.xml:xmldsig:1.0).
Searched in the following locations:
https://repo.maven.apache.org/maven2/javax/xml/xmldsig/1.0/xmldsig-1.0.jar{noformat}
Problem here is that the library jar is not available. The upgrade to a newer
cas-server version requires an update of our
OFBizActiveDirectoryAuthenticationHandler code due to API changes.
Work for another day (or night...).
> Handling the JCenter shutdown
> -
>
> Key: OFBIZ-12171
> URL: https://issues.apache.org/jira/browse/OFBIZ-12171
> Project: OFBiz
> Issue Type: Improvement
> Components: ALL APPLICATIONS, ALL COMPONENTS, ALL PLUGINS
>Affects Versions: Release Branch 18.12, Trunk, 17.12.05
>Reporter: Michael Brohl
>Assignee: Michael Brohl
>Priority: Major
>
> Citing Taher's message at [2]:
> Hello Everyone,
>
> I received emails and checked resources [1] that seem to confirm JCenter from
> JFrog is going down and that the last day of operation for the repository is
> going to be May 1st 2021.
>
> This is a big deal as many running instances will crash unless updated, so
> not only do future versions of OFBiz need to adapt, but also existing
> installations.
>
> I'm not sure how to best handle this? Especially for production instances out
> there on older versions of OFBiz. Maybe one solution is to host the existing
> libraries in some temporary location or try to migrate them to MavenCentral
> ... Whatever is the solution I think we should make a fast move.
>
> [1]
> [https://jfrog.com/blog/into-the-sunset-bintray-jcenter-gocenter-and-chartcenter]
>
> [https://www.infoq.com/news/2021/02/jfrog-jcenter-bintray-closure]
> [2]
> [https://lists.apache.org/thread.html/rf8e883ca8b90d51ad9d6d48c46f8f1fcc1cb82cce802daeeab0b910a%40%3Cdev.ofbiz.apache.org%3E]
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (OFBIZ-12171) Handling the JCenter shutdown
[ https://issues.apache.org/jira/browse/OFBIZ-12171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17281701#comment-17281701 ] Michael Brohl commented on OFBIZ-12171: --- I will provide a draft PR with all entries and comments for which artifacts they are used after I solved the one remaining build problem. > Handling the JCenter shutdown > - > > Key: OFBIZ-12171 > URL: https://issues.apache.org/jira/browse/OFBIZ-12171 > Project: OFBiz > Issue Type: Improvement > Components: ALL APPLICATIONS, ALL COMPONENTS, ALL PLUGINS >Affects Versions: Release Branch 18.12, Trunk, 17.12.05 >Reporter: Michael Brohl >Assignee: Michael Brohl >Priority: Major > > Citing Taher's message at [2]: > Hello Everyone, > > I received emails and checked resources [1] that seem to confirm JCenter from > JFrog is going down and that the last day of operation for the repository is > going to be May 1st 2021. > > This is a big deal as many running instances will crash unless updated, so > not only do future versions of OFBiz need to adapt, but also existing > installations. > > I'm not sure how to best handle this? Especially for production instances out > there on older versions of OFBiz. Maybe one solution is to host the existing > libraries in some temporary location or try to migrate them to MavenCentral > ... Whatever is the solution I think we should make a fast move. > > [1] > [https://jfrog.com/blog/into-the-sunset-bintray-jcenter-gocenter-and-chartcenter] > > [https://www.infoq.com/news/2021/02/jfrog-jcenter-bintray-closure] > [2] > [https://lists.apache.org/thread.html/rf8e883ca8b90d51ad9d6d48c46f8f1fcc1cb82cce802daeeab0b910a%40%3Cdev.ofbiz.apache.org%3E] > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11786) Packer can change data on shipment
[ https://issues.apache.org/jira/browse/OFBIZ-11786?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17281697#comment-17281697 ] Sebastian Berg commented on OFBIZ-11786: In order to edit a Shipment the permission service 'checkCanChangeShipmentStatusDelivered' is called which in succession calls 'facilityGenericPermission' followed by 'checkFacilityRelatedPermission' where the 'FACILITY' and 'CATALOG' permission in this case for 'UPDATE' is checked. At the moment only the Party 'system' gets assigned the 'Packer' RoleType. >From my perspective this seems to be a configuration issue on which >SecurityPermissions are assigned to a userLogin with the 'Packer' RoleType. [~pierresmits] can you maybe further describe why there is a problem here? > Packer can change data on shipment > -- > > Key: OFBIZ-11786 > URL: https://issues.apache.org/jira/browse/OFBIZ-11786 > Project: OFBiz > Issue Type: Bug > Components: product >Affects Versions: 17.12.03, Trunk >Reporter: Pierre Smits >Assignee: Sebastian Berg >Priority: Major > Labels: refactoring, usability > > When a shipment has been created (e.g. > https://demo-stable.ofbiz.apache.org/facility/control/ViewShipment?shipmentId=10005), > a packer can edit the details via editShipment, including (but not limited > to) changing the customer and cost involved. > This should not be possible -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-12047) Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages
[ https://issues.apache.org/jira/browse/OFBIZ-12047?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17281698#comment-17281698 ] Olivier Heintz commented on OFBIZ-12047: After some small study, it seem there is a problem because login request not require authentication :) I have tried to add a test to check if current request is login and only if it's not to remove _PREVIOUS_REQUEST_ Session Attribute, it seem better with this modification. I have put the patch to the jira, just to be more clear on modification I have tested, but I suppose there is a better way to do it. > Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages > --- > > Key: OFBIZ-12047 > URL: https://issues.apache.org/jira/browse/OFBIZ-12047 > Project: OFBiz > Issue Type: Bug > Components: framework/webapp >Affects Versions: Release Branch 18.12, Trunk >Reporter: Ingo Könemann >Assignee: Michael Brohl >Priority: Minor > Fix For: 18.12.01, Upcoming Branch > > Attachments: RequestHandler.java.patch > > > There is a session attribute called "_PREVIOUS_REQUEST_" used to remember and > execute the previous request after a login occurs. This attribute is not > removed properly when navigating away from a page without logging in. > When navigating to a page that requires authentication the > "_PREVIOUS_REQUEST_" attribute is saved in the session from within the > LoginWorker to be called again when the login was successful through the > RequestHandler. Currently, the attribute is only removed when a login occurs > resulting in the previous request being stored in the session until some form > of login is successfully executed. > This behavior potentially results in navigation problems since a user is able > to navigate to a page requiring authentication without logging in. An old > request will be pulled from the session when a similar event occurs and the > user logs in. > > I propose to have the RequestHandler remove the session attribute > "_PREVIOUS_REQUEST_" after calling a request that does not require > authentication. We also have to restructure the sequence of request handling > to have the "targetRequestUri" handled after the security check and a > possible removal of the session attribute. > > One problem arises with this solution, however, which should be less of an > issue than the current state: > If the login page includes a request call that is handled after the request > showing the login page (for example an ajax call rendering a screen), the > "_PREVIOUS_REQUEST_" attribute will be lost before the login is processed. To > my knowledge such a case does not exist within the OFBiz environment and > seems to be an edge case far less problematic than the above mentioned > problem. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (OFBIZ-12047) Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages
[ https://issues.apache.org/jira/browse/OFBIZ-12047?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Olivier Heintz updated OFBIZ-12047: --- Attachment: RequestHandler.java.patch > Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages > --- > > Key: OFBIZ-12047 > URL: https://issues.apache.org/jira/browse/OFBIZ-12047 > Project: OFBiz > Issue Type: Bug > Components: framework/webapp >Affects Versions: Release Branch 18.12, Trunk >Reporter: Ingo Könemann >Assignee: Michael Brohl >Priority: Minor > Fix For: 18.12.01, Upcoming Branch > > Attachments: RequestHandler.java.patch > > > There is a session attribute called "_PREVIOUS_REQUEST_" used to remember and > execute the previous request after a login occurs. This attribute is not > removed properly when navigating away from a page without logging in. > When navigating to a page that requires authentication the > "_PREVIOUS_REQUEST_" attribute is saved in the session from within the > LoginWorker to be called again when the login was successful through the > RequestHandler. Currently, the attribute is only removed when a login occurs > resulting in the previous request being stored in the session until some form > of login is successfully executed. > This behavior potentially results in navigation problems since a user is able > to navigate to a page requiring authentication without logging in. An old > request will be pulled from the session when a similar event occurs and the > user logs in. > > I propose to have the RequestHandler remove the session attribute > "_PREVIOUS_REQUEST_" after calling a request that does not require > authentication. We also have to restructure the sequence of request handling > to have the "targetRequestUri" handled after the security check and a > possible removal of the session attribute. > > One problem arises with this solution, however, which should be less of an > issue than the current state: > If the login page includes a request call that is handled after the request > showing the login page (for example an ajax call rendering a screen), the > "_PREVIOUS_REQUEST_" attribute will be lost before the login is processed. To > my knowledge such a case does not exist within the OFBiz environment and > seems to be an edge case far less problematic than the above mentioned > problem. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-12171) Handling the JCenter shutdown
[ https://issues.apache.org/jira/browse/OFBIZ-12171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17281692#comment-17281692 ] Jacques Le Roux commented on OFBIZ-12171: - Thanks Michael, Just for my information, what are those other bs. additional repositories hosting artifacts which are not available at mavenCentral ? > Handling the JCenter shutdown > - > > Key: OFBIZ-12171 > URL: https://issues.apache.org/jira/browse/OFBIZ-12171 > Project: OFBiz > Issue Type: Improvement > Components: ALL APPLICATIONS, ALL COMPONENTS, ALL PLUGINS >Affects Versions: Release Branch 18.12, Trunk, 17.12.05 >Reporter: Michael Brohl >Assignee: Michael Brohl >Priority: Major > > Citing Taher's message at [2]: > Hello Everyone, > > I received emails and checked resources [1] that seem to confirm JCenter from > JFrog is going down and that the last day of operation for the repository is > going to be May 1st 2021. > > This is a big deal as many running instances will crash unless updated, so > not only do future versions of OFBiz need to adapt, but also existing > installations. > > I'm not sure how to best handle this? Especially for production instances out > there on older versions of OFBiz. Maybe one solution is to host the existing > libraries in some temporary location or try to migrate them to MavenCentral > ... Whatever is the solution I think we should make a fast move. > > [1] > [https://jfrog.com/blog/into-the-sunset-bintray-jcenter-gocenter-and-chartcenter] > > [https://www.infoq.com/news/2021/02/jfrog-jcenter-bintray-closure] > [2] > [https://lists.apache.org/thread.html/rf8e883ca8b90d51ad9d6d48c46f8f1fcc1cb82cce802daeeab0b910a%40%3Cdev.ofbiz.apache.org%3E] > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Comment Edited] (OFBIZ-12171) Handling the JCenter shutdown
[ https://issues.apache.org/jira/browse/OFBIZ-12171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17281692#comment-17281692 ] Jacques Le Roux edited comment on OFBIZ-12171 at 2/9/21, 10:23 AM: --- Thanks Michael, Just for my information, what are those other bq. additional repositories hosting artifacts which are not available at mavenCentral ? was (Author: jacques.le.roux): Thanks Michael, Just for my information, what are those other bs. additional repositories hosting artifacts which are not available at mavenCentral ? > Handling the JCenter shutdown > - > > Key: OFBIZ-12171 > URL: https://issues.apache.org/jira/browse/OFBIZ-12171 > Project: OFBiz > Issue Type: Improvement > Components: ALL APPLICATIONS, ALL COMPONENTS, ALL PLUGINS >Affects Versions: Release Branch 18.12, Trunk, 17.12.05 >Reporter: Michael Brohl >Assignee: Michael Brohl >Priority: Major > > Citing Taher's message at [2]: > Hello Everyone, > > I received emails and checked resources [1] that seem to confirm JCenter from > JFrog is going down and that the last day of operation for the repository is > going to be May 1st 2021. > > This is a big deal as many running instances will crash unless updated, so > not only do future versions of OFBiz need to adapt, but also existing > installations. > > I'm not sure how to best handle this? Especially for production instances out > there on older versions of OFBiz. Maybe one solution is to host the existing > libraries in some temporary location or try to migrate them to MavenCentral > ... Whatever is the solution I think we should make a fast move. > > [1] > [https://jfrog.com/blog/into-the-sunset-bintray-jcenter-gocenter-and-chartcenter] > > [https://www.infoq.com/news/2021/02/jfrog-jcenter-bintray-closure] > [2] > [https://lists.apache.org/thread.html/rf8e883ca8b90d51ad9d6d48c46f8f1fcc1cb82cce802daeeab0b910a%40%3Cdev.ofbiz.apache.org%3E] > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-12047) Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages
[ https://issues.apache.org/jira/browse/OFBIZ-12047?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17281670#comment-17281670 ] Olivier Heintz commented on OFBIZ-12047: Good morning, With this modification, when I'm in a back-end application like party, if I call a uri like partymgr/control/FindCommunicationEvents without being connected (after more than 1 hour of inactivity) the login is called, but i'm redirected on main not to findCommunicationEvents result Is it what it is expected ? I understood (after reading description) that this should be only the case for request that does not require authentication. > Remove _PREVIOUS_REQUEST_ Session Attribute on non-authentication pages > --- > > Key: OFBIZ-12047 > URL: https://issues.apache.org/jira/browse/OFBIZ-12047 > Project: OFBiz > Issue Type: Bug > Components: framework/webapp >Affects Versions: Release Branch 18.12, Trunk >Reporter: Ingo Könemann >Assignee: Michael Brohl >Priority: Minor > Fix For: 18.12.01, Upcoming Branch > > > There is a session attribute called "_PREVIOUS_REQUEST_" used to remember and > execute the previous request after a login occurs. This attribute is not > removed properly when navigating away from a page without logging in. > When navigating to a page that requires authentication the > "_PREVIOUS_REQUEST_" attribute is saved in the session from within the > LoginWorker to be called again when the login was successful through the > RequestHandler. Currently, the attribute is only removed when a login occurs > resulting in the previous request being stored in the session until some form > of login is successfully executed. > This behavior potentially results in navigation problems since a user is able > to navigate to a page requiring authentication without logging in. An old > request will be pulled from the session when a similar event occurs and the > user logs in. > > I propose to have the RequestHandler remove the session attribute > "_PREVIOUS_REQUEST_" after calling a request that does not require > authentication. We also have to restructure the sequence of request handling > to have the "targetRequestUri" handled after the security check and a > possible removal of the session attribute. > > One problem arises with this solution, however, which should be less of an > issue than the current state: > If the login page includes a request call that is handled after the request > showing the login page (for example an ajax call rendering a screen), the > "_PREVIOUS_REQUEST_" attribute will be lost before the login is processed. To > my knowledge such a case does not exist within the OFBiz environment and > seems to be an edge case far less problematic than the above mentioned > problem. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[GitHub] [ofbiz-plugins] sonarcloud[bot] commented on pull request #52: Improved: Handle remaining checkstyle errors (OFBIZ-12169)
sonarcloud[bot] commented on pull request #52: URL: https://github.com/apache/ofbiz-plugins/pull/52#issuecomment-775781208 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-plugins=52=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-plugins=52=false=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-plugins=52=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_ofbiz-plugins=52) No Coverage information [](https://sonarcloud.io/component_measures?id=apache_ofbiz-plugins=52=duplicated_lines_density=list) No Duplication information This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [ofbiz-plugins] sonarcloud[bot] removed a comment on pull request #52: Improved: Handle remaining checkstyle errors (OFBIZ-12169)
sonarcloud[bot] removed a comment on pull request #52: URL: https://github.com/apache/ofbiz-plugins/pull/52#issuecomment-775763235 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-plugins=52=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-plugins=52=false=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-plugins=52=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_ofbiz-plugins=52) No Coverage information [](https://sonarcloud.io/component_measures?id=apache_ofbiz-plugins=52=duplicated_lines_density=list) No Duplication information This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (OFBIZ-12167) Adds a blacklist (to be renamed soon to denylist) in Java serialisation
[ https://issues.apache.org/jira/browse/OFBIZ-12167?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17281642#comment-17281642 ] ASF subversion and git services commented on OFBIZ-12167: - Commit 00200bfaca296991a6d1925423c71d74842882b0 in ofbiz-framework's branch refs/heads/release17.12 from Jacques Le Roux [ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=00200bf ] Fixed: Adds a blacklist (to be renamed soon to denylist) in Java serialisation (OFBIZ-12167) Adds an example based on RMI which is known to be a problem > Adds a blacklist (to be renamed soon to denylist) in Java serialisation > --- > > Key: OFBIZ-12167 > URL: https://issues.apache.org/jira/browse/OFBIZ-12167 > Project: OFBiz > Issue Type: Bug > Components: framework/base >Affects Versions: Release Branch 18.12, Trunk >Reporter: Jacques Le Roux >Assignee: Jacques Le Roux >Priority: Minor > Fix For: 18.12.01 > > > Adds an example based on RMI which is known to be a problem -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-12168) Rename some connoted words like blacklist and whitelist.
[ https://issues.apache.org/jira/browse/OFBIZ-12168?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17281638#comment-17281638 ] ASF subversion and git services commented on OFBIZ-12168: - Commit e7b3169d03b822bcbf4f522b2eeb4bcef790c563 in ofbiz-framework's branch refs/heads/trunk from Jacques Le Roux [ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=e7b3169 ] Improved: Rename some connoted words like blacklist and whitelist (OFBIZ-12168) Renames respectively blacklist and whitelist to denylist and allowlist in several places. There are still a lot of master word which can be replaced by main, but not in contexts where slave is also used. I'll discuss that on dev ML again... Provides the migrateOldOrderBlacklistAndOldOrderBlacklistType service to migrate records from OrderBlacklist and OrderBlacklistType entities to new OrderDenylist and OrderDenylistType entities > Rename some connoted words like blacklist and whitelist. > - > > Key: OFBIZ-12168 > URL: https://issues.apache.org/jira/browse/OFBIZ-12168 > Project: OFBiz > Issue Type: Improvement > Components: ALL COMPONENTS >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: Jacques Le Roux >Priority: Major > Fix For: Upcoming Branch > > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-12168) Rename some connoted words like blacklist and whitelist.
[ https://issues.apache.org/jira/browse/OFBIZ-12168?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17281636#comment-17281636 ] ASF subversion and git services commented on OFBIZ-12168: - Commit f9069945adf5f0aa3577b3228f8f2d27bd655006 in ofbiz-plugins's branch refs/heads/trunk from Jacques Le Roux [ https://gitbox.apache.org/repos/asf?p=ofbiz-plugins.git;h=f906994 ] Improved: Rename some connoted words like blacklist and whitelist (OFBIZ-12168) Renames respectively blacklist and whitelist to denylist and allowlist in several places. Renames masters and slaves to mains and replicas in solrconfig.xml inherited from the Apache Solr version we use. The slave word is still used at https://cwiki.apache.org/confluence/display/solr/SolrConfigXml referenced from solrconfig.xml There are still a lot of master word which can be replaced by main, but not in contexts where slave is also used. I'll discuss that on dev ML again... > Rename some connoted words like blacklist and whitelist. > - > > Key: OFBIZ-12168 > URL: https://issues.apache.org/jira/browse/OFBIZ-12168 > Project: OFBiz > Issue Type: Improvement > Components: ALL COMPONENTS >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: Jacques Le Roux >Priority: Major > Fix For: Upcoming Branch > > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (OFBIZ-12168) Rename some connoted words like blacklist and whitelist.
[ https://issues.apache.org/jira/browse/OFBIZ-12168?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jacques Le Roux updated OFBIZ-12168: Priority: Major (was: Trivial) > Rename some connoted words like blacklist and whitelist. > - > > Key: OFBIZ-12168 > URL: https://issues.apache.org/jira/browse/OFBIZ-12168 > Project: OFBiz > Issue Type: Improvement > Components: ALL COMPONENTS >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: Jacques Le Roux >Priority: Major > Fix For: Upcoming Branch > > -- This message was sent by Atlassian Jira (v8.3.4#803005)
[GitHub] [ofbiz-plugins] sonarcloud[bot] commented on pull request #52: Improved: Handle remaining checkstyle errors (OFBIZ-12169)
sonarcloud[bot] commented on pull request #52: URL: https://github.com/apache/ofbiz-plugins/pull/52#issuecomment-775763235 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-plugins=52=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-plugins=52=false=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-plugins=52=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_ofbiz-plugins=52) No Coverage information [](https://sonarcloud.io/component_measures?id=apache_ofbiz-plugins=52=duplicated_lines_density=list) No Duplication information This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [ofbiz-plugins] sonarcloud[bot] removed a comment on pull request #52: Improved: Handle remaining checkstyle errors (OFBIZ-12169)
sonarcloud[bot] removed a comment on pull request #52: URL: https://github.com/apache/ofbiz-plugins/pull/52#issuecomment-775296560 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-plugins=52=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-plugins=52=false=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-plugins=52=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-plugins=52=false=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_ofbiz-plugins=52) No Coverage information [](https://sonarcloud.io/component_measures?id=apache_ofbiz-plugins=52=duplicated_lines_density=list) No Duplication information This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [ofbiz-framework] sonarcloud[bot] removed a comment on pull request #267: Improved: Handle remaining checkstyle errors (OFBIZ-12169)
sonarcloud[bot] removed a comment on pull request #267: URL: https://github.com/apache/ofbiz-framework/pull/267#issuecomment-775273430 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=267) No Coverage information [](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=267=duplicated_lines_density=list) No Duplication information This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [ofbiz-framework] sonarcloud[bot] commented on pull request #267: Improved: Handle remaining checkstyle errors (OFBIZ-12169)
sonarcloud[bot] commented on pull request #267: URL: https://github.com/apache/ofbiz-framework/pull/267#issuecomment-775759557 Kudos, SonarCloud Quality Gate passed! [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=BUG) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=267=false=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [0 Code Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=267=false=CODE_SMELL) [](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=267) No Coverage information [](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=267=duplicated_lines_density=list) No Duplication information This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (OFBIZ-12171) Handling the JCenter shutdown
[ https://issues.apache.org/jira/browse/OFBIZ-12171?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17281615#comment-17281615 ] Nicolas Malin commented on OFBIZ-12171: --- Hello [~mbrohl] , This is a great job ! I can suggest to set this plugin as to fix to don't stop your migration effort. Ldap is always hard to test to be sur that is really fonctionnal so I would be more in favour of waiting a real case to finish it. > Handling the JCenter shutdown > - > > Key: OFBIZ-12171 > URL: https://issues.apache.org/jira/browse/OFBIZ-12171 > Project: OFBiz > Issue Type: Improvement > Components: ALL APPLICATIONS, ALL COMPONENTS, ALL PLUGINS >Affects Versions: Release Branch 18.12, Trunk, 17.12.05 >Reporter: Michael Brohl >Assignee: Michael Brohl >Priority: Major > > Citing Taher's message at [2]: > Hello Everyone, > > I received emails and checked resources [1] that seem to confirm JCenter from > JFrog is going down and that the last day of operation for the repository is > going to be May 1st 2021. > > This is a big deal as many running instances will crash unless updated, so > not only do future versions of OFBiz need to adapt, but also existing > installations. > > I'm not sure how to best handle this? Especially for production instances out > there on older versions of OFBiz. Maybe one solution is to host the existing > libraries in some temporary location or try to migrate them to MavenCentral > ... Whatever is the solution I think we should make a fast move. > > [1] > [https://jfrog.com/blog/into-the-sunset-bintray-jcenter-gocenter-and-chartcenter] > > [https://www.infoq.com/news/2021/02/jfrog-jcenter-bintray-closure] > [2] > [https://lists.apache.org/thread.html/rf8e883ca8b90d51ad9d6d48c46f8f1fcc1cb82cce802daeeab0b910a%40%3Cdev.ofbiz.apache.org%3E] > -- This message was sent by Atlassian Jira (v8.3.4#803005)
