Hi Rene, See changeset 1353681
https://fisheye6.atlassian.com/changelog/ofbiz?cs=1353681 and the discussion on Jira issue OFBIZ-4289 https://issues.apache.org/jira/browse/OFBIZ-4289 I hope Jacopo or Jacques have a bit more to say on this. Cheers Paul Foxworthy Rene Frauli wrote > Hello, > > In 12.04 the LoginWorker method "setWebContextObjects" object doesn't > store the delegator, dispatcher, security and the authz in the session > only in the request. > > The effect is that the session for the tenant is not correct and the > tenant cannot be used at all with strange effects. For e.g. data are > stored with the default delegator. > > In comparison with the related method in 11.04 if have added the missing > lines see below and now the tenant is working correctly again. > > > private static void setWebContextObjects(HttpServletRequest request, > HttpServletResponse response, Delegator delegator, LocalDispatcher > dispatcher) { > HttpSession session = request.getSession(); > // NOTE: we do NOT want to set this in the servletContext, only > in the request and session > // We also need to setup the security and authz objects since > they are dependent on the delegator > Security security = null; > try { > security = SecurityFactory.getInstance(delegator); > } catch (SecurityConfigurationException e) { > Debug.logError(e, module); > } > Authorization authz = null; > try { > authz = AuthorizationFactory.getInstance(delegator); > } catch (SecurityConfigurationException e) { > Debug.logError(e, module); > } > > session.setAttribute("delegatorName", > delegator.getDelegatorName()); > > request.setAttribute("delegator", delegator); > > //Missing in 12.04 > session.setAttribute("delegator", delegator); > > request.setAttribute("dispatcher", dispatcher); > > /Missing 12.04 > session.setAttribute("dispatcher", dispatcher); > > request.setAttribute("security", security); > > //Missing 12.04 > session.setAttribute("security", security); > > request.setAttribute("authz", authz); > > //Missing 12.04 > session.setAttribute("authz", authz); > > // get rid of the visit info since it was pointing to the > previous database, and get a new one > session.removeAttribute("visitor"); > session.removeAttribute("visit"); > VisitHandler.getVisitor(request, response); > VisitHandler.getVisit(session); > } > > Regards > Rene ----- -- Coherent Software Australia Pty Ltd http://www.coherentsoftware.com.au/ Bonsai ERP, the all-inclusive ERP system http://www.bonsaierp.com.au/ -- View this message in context: http://ofbiz.135035.n4.nabble.com/Tenant-authentication-problem-in-12-04-tp4637493p4637495.html Sent from the OFBiz - User mailing list archive at Nabble.com.
