Re: svn commit: r1845558 - in /ofbiz: ofbiz-framework/trunk/framework/base/dtd/ ofbiz-framework/trunk/framework/base/src/main/java/org/apache/ofbiz/base/component/ ofbiz-framework/trunk/framework/comm
Done with OFBIZ-10635 Thanks for spotting it Jacques Le 07/01/2019 à 21:03, Jacques Le Roux a écrit : Hi Michael, You are right, I missed that. Fortunately it's an easy fix. I'll create a Jira and will commit the fix soon. Jacques Le 07/01/2019 à 17:26, Michael Brohl a écrit : Hi Jacques, inline... Am 02.11.18 um 10:46 schrieb jler...@apache.org: + // Set an autologin cookie for the webapp if it requests it public static String autoLoginSet(HttpServletRequest request, HttpServletResponse response) { Delegator delegator = (Delegator) request.getAttribute("delegator"); HttpSession session = request.getSession(); GenericValue userLogin = (GenericValue) session.getAttribute("userLogin"); - String domain = EntityUtilProperties.getPropertyValue("url", "cookie.domain", delegator); - if (userLogin != null) { + WebappInfo webappInfo = ComponentConfig.getWebappInfo("default-server", UtilHttp.getApplicationName(request)); This looks like it only works for webapps of the "default-server". This name is configurable in the ofbiz-component.xml and and should not be hard-coded in the code. Am I right or do I miss something? Regards, Michael + + if (userLogin != null && webappInfo != null && webappInfo.isAutologinCookieUsed()) { Cookie autoLoginCookie = new Cookie(getAutoLoginCookieName(request), userLogin.getString("userLoginId")); autoLoginCookie.setMaxAge(60 * 60 * 24 * 365); - autoLoginCookie.setDomain(domain); - autoLoginCookie.setPath("/"); + autoLoginCookie.setDomain(EntityUtilProperties.getPropertyValue("url", "cookie.domain", delegator)); + autoLoginCookie.setPath("/" + UtilHttp.getApplicationName(request)); autoLoginCookie.setSecure(true); autoLoginCookie.setHttpOnly(true); response.addCookie(autoLoginCookie); - + return autoLoginCheck(delegator, session, userLogin.getString("userLoginId")); } else { return "success"; } }
Re: svn commit: r1845558 - in /ofbiz: ofbiz-framework/trunk/framework/base/dtd/ ofbiz-framework/trunk/framework/base/src/main/java/org/apache/ofbiz/base/component/ ofbiz-framework/trunk/framework/comm
Hi Michael, You are right, I missed that. Fortunately it's an easy fix. I'll create a Jira and will commit the fix soon. Jacques Le 07/01/2019 à 17:26, Michael Brohl a écrit : Hi Jacques, inline... Am 02.11.18 um 10:46 schrieb jler...@apache.org: + // Set an autologin cookie for the webapp if it requests it public static String autoLoginSet(HttpServletRequest request, HttpServletResponse response) { Delegator delegator = (Delegator) request.getAttribute("delegator"); HttpSession session = request.getSession(); GenericValue userLogin = (GenericValue) session.getAttribute("userLogin"); - String domain = EntityUtilProperties.getPropertyValue("url", "cookie.domain", delegator); - if (userLogin != null) { + WebappInfo webappInfo = ComponentConfig.getWebappInfo("default-server", UtilHttp.getApplicationName(request)); This looks like it only works for webapps of the "default-server". This name is configurable in the ofbiz-component.xml and and should not be hard-coded in the code. Am I right or do I miss something? Regards, Michael + + if (userLogin != null && webappInfo != null && webappInfo.isAutologinCookieUsed()) { Cookie autoLoginCookie = new Cookie(getAutoLoginCookieName(request), userLogin.getString("userLoginId")); autoLoginCookie.setMaxAge(60 * 60 * 24 * 365); - autoLoginCookie.setDomain(domain); - autoLoginCookie.setPath("/"); + autoLoginCookie.setDomain(EntityUtilProperties.getPropertyValue("url", "cookie.domain", delegator)); + autoLoginCookie.setPath("/" + UtilHttp.getApplicationName(request)); autoLoginCookie.setSecure(true); autoLoginCookie.setHttpOnly(true); response.addCookie(autoLoginCookie); - + return autoLoginCheck(delegator, session, userLogin.getString("userLoginId")); } else { return "success"; } }
Re: svn commit: r1845558 - in /ofbiz: ofbiz-framework/trunk/framework/base/dtd/ ofbiz-framework/trunk/framework/base/src/main/java/org/apache/ofbiz/base/component/ ofbiz-framework/trunk/framework/comm
Hi Jacques, inline... Am 02.11.18 um 10:46 schrieb jler...@apache.org: +// Set an autologin cookie for the webapp if it requests it public static String autoLoginSet(HttpServletRequest request, HttpServletResponse response) { Delegator delegator = (Delegator) request.getAttribute("delegator"); HttpSession session = request.getSession(); GenericValue userLogin = (GenericValue) session.getAttribute("userLogin"); -String domain = EntityUtilProperties.getPropertyValue("url", "cookie.domain", delegator); -if (userLogin != null) { +WebappInfo webappInfo = ComponentConfig.getWebappInfo("default-server", UtilHttp.getApplicationName(request)); This looks like it only works for webapps of the "default-server". This name is configurable in the ofbiz-component.xml and and should not be hard-coded in the code. Am I right or do I miss something? Regards, Michael + +if (userLogin != null && webappInfo != null && webappInfo.isAutologinCookieUsed()) { Cookie autoLoginCookie = new Cookie(getAutoLoginCookieName(request), userLogin.getString("userLoginId")); autoLoginCookie.setMaxAge(60 * 60 * 24 * 365); -autoLoginCookie.setDomain(domain); -autoLoginCookie.setPath("/"); +autoLoginCookie.setDomain(EntityUtilProperties.getPropertyValue("url", "cookie.domain", delegator)); +autoLoginCookie.setPath("/" + UtilHttp.getApplicationName(request)); autoLoginCookie.setSecure(true); autoLoginCookie.setHttpOnly(true); response.addCookie(autoLoginCookie); - + return autoLoginCheck(delegator, session, userLogin.getString("userLoginId")); } else { return "success"; } } smime.p7s Description: S/MIME Cryptographic Signature