Hello all,
I was seeing what we thought was strange behavior in our ofbiz that kept making us login over and over without any real reason. I have had the same thing using FF3 and IE7 on an XP pro sp2 workstation. It never seems to be the same apps that require you to re-enter so I always put it down to something in our version. Then I decided to try it in on the trunk demo and I got the same result. I logged in originally to the catalogue then work effort, project and then I clicked on order manager. I then got a login screen and I entered admin/ofbiz and got the following; The Following Errors Occurred: Error calling event: org.ofbiz.webapp.event.EventHandlerException: Problems processing event: java.lang.IllegalArgumentException: Could not find resource bundle [SecurityextUiLabels] in the locale [en_US] (Could not find resource bundle [SecurityextUiLabels] in the locale [en_US]) I then logged in again with eh same admin/ofbiz combo and was back in the app. Anyone know why this is happening? Thanks. |
Administrator
|
I tried on alternate server and got any problems (Release.revision : trunk.751084)
Jacques From: "Scott." <[hidden email]> > > Hello all, > > I was seeing what we thought was strange behavior in our ofbiz that kept > making us login over and over without any real reason. I have had the same > thing using FF3 and IE7 on an XP pro sp2 workstation. It never seems to be > the same apps that require you to re-enter so I always put it down to > something in our version. Then I decided to try it in on the trunk demo and > I got the same result. > > I logged in originally to the catalogue then work effort, project and then I > clicked on order manager. I then got a login screen and I entered > admin/ofbiz and got the following; > > The Following Errors Occurred: > > Error calling event: org.ofbiz.webapp.event.EventHandlerException: Problems > processing event: java.lang.IllegalArgumentException: Could not find > resource bundle [SecurityextUiLabels] in the locale [en_US] (Could not find > resource bundle [SecurityextUiLabels] in the locale [en_US]) > > I then logged in again with eh same admin/ofbiz combo and was back in the > app. > > Anyone know why this is happening? Thanks. > > -- > View this message in context: http://www.nabble.com/Multiple-logins-needed-tp22374485p22374485.html > Sent from the OFBiz - User mailing list archive at Nabble.com. > |
This problem has been reported many times. It is mysterious, but definitely real.
----- Original Message ----- From: "Jacques Le Roux" <[hidden email]> To: [hidden email] Sent: Saturday, March 7, 2009 3:41:36 AM (GMT-0700) America/Denver Subject: Re: Multiple logins needed I tried on alternate server and got any problems (Release.revision : trunk.751084) Jacques From: "Scott." <[hidden email]> > > Hello all, > > I was seeing what we thought was strange behavior in our ofbiz that kept > making us login over and over without any real reason. I have had the same > thing using FF3 and IE7 on an XP pro sp2 workstation. It never seems to be > the same apps that require you to re-enter so I always put it down to > something in our version. Then I decided to try it in on the trunk demo and > I got the same result. > > I logged in originally to the catalogue then work effort, project and then I > clicked on order manager. I then got a login screen and I entered > admin/ofbiz and got the following; > > The Following Errors Occurred: > > Error calling event: org.ofbiz.webapp.event.EventHandlerException: Problems > processing event: java.lang.IllegalArgumentException: Could not find > resource bundle [SecurityextUiLabels] in the locale [en_US] (Could not find > resource bundle [SecurityextUiLabels] in the locale [en_US]) > > I then logged in again with eh same admin/ofbiz combo and was back in the > app. > > Anyone know why this is happening? Thanks. > > -- > View this message in context: http://www.nabble.com/Multiple-logins-needed-tp22374485p22374485.html > Sent from the OFBiz - User mailing list archive at Nabble.com. > |
In reply to this post by Scott.
I'm glad its real because I was starting to think I was nuts. I have tried many times to track it down but never seems to be the same way twice. Tried different browsers but thats not it. Had the same issue with Vista, XP Pro and 2003. Every now and then it just asks me for user/pass. It can be 5 minutes of no use or 5 seconds. That said, I dont always get the error. This is something fairly new and I am a user not a developer so I really dont know what it means.
|
Administrator
|
Thanks to both for confirmation. Hans reported it some time ago, and I saw it too.
That's why I tested but I did not reproduce. It's a random bug I guess, hard to trace... We will see anyway... Jacques From: "Scott." <[hidden email]> > > I'm glad its real because I was starting to think I was nuts. I have tried > many times to track it down but never seems to be the same way twice. Tried > different browsers but thats not it. Had the same issue with Vista, XP Pro > and 2003. Every now and then it just asks me for user/pass. It can be 5 > minutes of no use or 5 seconds. That said, I dont always get the error. This > is something fairly new and I am a user not a developer so I really dont > know what it means. > > > > Scott. wrote: >> >> Hello all, >> >> I was seeing what we thought was strange behavior in our ofbiz that kept >> making us login over and over without any real reason. I have had the same >> thing using FF3 and IE7 on an XP pro sp2 workstation. It never seems to be >> the same apps that require you to re-enter so I always put it down to >> something in our version. Then I decided to try it in on the trunk demo >> and I got the same result. >> >> I logged in originally to the catalogue then work effort, project and then >> I clicked on order manager. I then got a login screen and I entered >> admin/ofbiz and got the following; >> >> The Following Errors Occurred: >> >> Error calling event: org.ofbiz.webapp.event.EventHandlerException: >> Problems processing event: java.lang.IllegalArgumentException: Could not >> find resource bundle [SecurityextUiLabels] in the locale [en_US] (Could >> not find resource bundle [SecurityextUiLabels] in the locale [en_US]) >> >> I then logged in again with eh same admin/ofbiz combo and was back in the >> app. >> >> Anyone know why this is happening? Thanks. >> >> > > -- > View this message in context: http://www.nabble.com/Multiple-logins-needed-tp22374485p22389286.html > Sent from the OFBiz - User mailing list archive at Nabble.com. > |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1 to track this done take a look in the URL for something like externalLoginKey=EL82824678935 if so then should login if not then need to track back were someone was when they clicked to go to the place where the login happend. Just a thought Jacques Le Roux sent the following on 3/7/2009 8:51 AM: > Thanks to both for confirmation. Hans reported it some time ago, and I > saw it too. > That's why I tested but I did not reproduce. It's a random bug I guess, > hard to trace... We will see anyway... > > Jacques > > From: "Scott." <[hidden email]> >> >> I'm glad its real because I was starting to think I was nuts. I have >> tried >> many times to track it down but never seems to be the same way twice. >> Tried >> different browsers but thats not it. Had the same issue with Vista, XP >> Pro >> and 2003. Every now and then it just asks me for user/pass. It can be 5 >> minutes of no use or 5 seconds. That said, I dont always get the >> error. This >> is something fairly new and I am a user not a developer so I really dont >> know what it means. >> >> >> >> Scott. wrote: >>> >>> Hello all, >>> >>> I was seeing what we thought was strange behavior in our ofbiz that kept >>> making us login over and over without any real reason. I have had the >>> same >>> thing using FF3 and IE7 on an XP pro sp2 workstation. It never seems >>> to be >>> the same apps that require you to re-enter so I always put it down to >>> something in our version. Then I decided to try it in on the trunk demo >>> and I got the same result. >>> >>> I logged in originally to the catalogue then work effort, project and >>> then >>> I clicked on order manager. I then got a login screen and I entered >>> admin/ofbiz and got the following; >>> >>> The Following Errors Occurred: >>> >>> Error calling event: org.ofbiz.webapp.event.EventHandlerException: >>> Problems processing event: java.lang.IllegalArgumentException: Could not >>> find resource bundle [SecurityextUiLabels] in the locale [en_US] (Could >>> not find resource bundle [SecurityextUiLabels] in the locale [en_US]) >>> >>> I then logged in again with eh same admin/ofbiz combo and was back in >>> the >>> app. >>> Anyone know why this is happening? Thanks. >>> >>> >> >> -- >> View this message in context: >> http://www.nabble.com/Multiple-logins-needed-tp22374485p22389286.html >> Sent from the OFBiz - User mailing list archive at Nabble.com. >> > > > Version: GnuPG v1.4.6 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJsxbyrP3NbaWWqE4RAnhpAKDGpCyXdcC5eJIM1LrG1T8i7rdRmwCgqCPx YA62kbCmOjrjThBlWNdV28g= =js4M -----END PGP SIGNATURE----- |
Here is the only thing I have seen come up in the log so far. I was in the CMS application and clicked on the Party tab. I got a login screen instead of being logged into PartyMgr automatically. The URL had the external login key. Here is the only line I found in the log that seems related:
2009-03-08 13:48:19,806 (http-0.0.0.0-8443-3) [ LoginWorker.java:828:WARN ] Could not find userLogin for external login key: EL339616443508 ----- Original Message ----- From: "BJ Freeman" <[hidden email]> To: [hidden email] Sent: Saturday, March 7, 2009 6:38:23 PM (GMT-0700) America/Denver Subject: Re: Multiple logins needed -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 to track this done take a look in the URL for something like externalLoginKey=EL82824678935 if so then should login if not then need to track back were someone was when they clicked to go to the place where the login happend. Just a thought Jacques Le Roux sent the following on 3/7/2009 8:51 AM: > Thanks to both for confirmation. Hans reported it some time ago, and I > saw it too. > That's why I tested but I did not reproduce. It's a random bug I guess, > hard to trace... We will see anyway... > > Jacques > > From: "Scott." <[hidden email]> >> >> I'm glad its real because I was starting to think I was nuts. I have >> tried >> many times to track it down but never seems to be the same way twice. >> Tried >> different browsers but thats not it. Had the same issue with Vista, XP >> Pro >> and 2003. Every now and then it just asks me for user/pass. It can be 5 >> minutes of no use or 5 seconds. That said, I dont always get the >> error. This >> is something fairly new and I am a user not a developer so I really dont >> know what it means. >> >> >> >> Scott. wrote: >>> >>> Hello all, >>> >>> I was seeing what we thought was strange behavior in our ofbiz that kept >>> making us login over and over without any real reason. I have had the >>> same >>> thing using FF3 and IE7 on an XP pro sp2 workstation. It never seems >>> to be >>> the same apps that require you to re-enter so I always put it down to >>> something in our version. Then I decided to try it in on the trunk demo >>> and I got the same result. >>> >>> I logged in originally to the catalogue then work effort, project and >>> then >>> I clicked on order manager. I then got a login screen and I entered >>> admin/ofbiz and got the following; >>> >>> The Following Errors Occurred: >>> >>> Error calling event: org.ofbiz.webapp.event.EventHandlerException: >>> Problems processing event: java.lang.IllegalArgumentException: Could not >>> find resource bundle [SecurityextUiLabels] in the locale [en_US] (Could >>> not find resource bundle [SecurityextUiLabels] in the locale [en_US]) >>> >>> I then logged in again with eh same admin/ofbiz combo and was back in >>> the >>> app. >>> Anyone know why this is happening? Thanks. >>> >>> >> >> -- >> View this message in context: >> http://www.nabble.com/Multiple-logins-needed-tp22374485p22389286.html >> Sent from the OFBiz - User mailing list archive at Nabble.com. >> > > > Version: GnuPG v1.4.6 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJsxbyrP3NbaWWqE4RAnhpAKDGpCyXdcC5eJIM1LrG1T8i7rdRmwCgqCPx YA62kbCmOjrjThBlWNdV28g= =js4M -----END PGP SIGNATURE----- |
You may be describing a well known issue, and one that is part of the way the externalLoginKey works (so it is not likely to change). The externalLoginKey allows you to automatically login to another webapp without a username/password. In order to do this a new login key is generated with EVERY request to the server in order to keep it's life cycle pretty short. As long as it is on a secure/https page when it goes to the browser it is pretty safe, but it generally comes back to the server in a URL and so needs to be invalidated immediately so that it cannot be used again, as that is pretty easy to snoop. So, to make it not work is easy: just have a page open in your browser that has a stale externalLoginKey in its URLS. 1. load a page where you are authenticated in tab/window A 2. right click on a link within the webapp and open it in tab/window B 3. go back to tab/window A and click on any link that goes to a webapp that you are not already logged into and that has an externalLoginKey parameter The externalLoginKey will be stale, so that auto-login will fail and you will be presented with the login form. -David On Mar 8, 2009, at 1:30 PM, Vince M. Clark wrote: > Here is the only thing I have seen come up in the log so far. I was > in the CMS application and clicked on the Party tab. I got a login > screen instead of being logged into PartyMgr automatically. The URL > had the external login key. Here is the only line I found in the log > that seems related: > > 2009-03-08 13:48:19,806 (http-0.0.0.0-8443-3) [ LoginWorker.java: > 828:WARN ] Could not find userLogin for external login key: > EL339616443508 > > ----- Original Message ----- > From: "BJ Freeman" <[hidden email]> > To: [hidden email] > Sent: Saturday, March 7, 2009 6:38:23 PM (GMT-0700) America/Denver > Subject: Re: Multiple logins needed > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > to track this done take a look in the URL for something like > externalLoginKey=EL82824678935 > if so then should login > if not then need to track back were someone was when they clicked to > go > to the place where the login happend. > > Just a thought > > Jacques Le Roux sent the following on 3/7/2009 8:51 AM: >> Thanks to both for confirmation. Hans reported it some time ago, >> and I >> saw it too. >> That's why I tested but I did not reproduce. It's a random bug I >> guess, >> hard to trace... We will see anyway... >> >> Jacques >> >> From: "Scott." <[hidden email]> >>> >>> I'm glad its real because I was starting to think I was nuts. I have >>> tried >>> many times to track it down but never seems to be the same way >>> twice. >>> Tried >>> different browsers but thats not it. Had the same issue with >>> Vista, XP >>> Pro >>> and 2003. Every now and then it just asks me for user/pass. It can >>> be 5 >>> minutes of no use or 5 seconds. That said, I dont always get the >>> error. This >>> is something fairly new and I am a user not a developer so I >>> really dont >>> know what it means. >>> >>> >>> >>> Scott. wrote: >>>> >>>> Hello all, >>>> >>>> I was seeing what we thought was strange behavior in our ofbiz >>>> that kept >>>> making us login over and over without any real reason. I have had >>>> the >>>> same >>>> thing using FF3 and IE7 on an XP pro sp2 workstation. It never >>>> seems >>>> to be >>>> the same apps that require you to re-enter so I always put it >>>> down to >>>> something in our version. Then I decided to try it in on the >>>> trunk demo >>>> and I got the same result. >>>> >>>> I logged in originally to the catalogue then work effort, project >>>> and >>>> then >>>> I clicked on order manager. I then got a login screen and I entered >>>> admin/ofbiz and got the following; >>>> >>>> The Following Errors Occurred: >>>> >>>> Error calling event: org.ofbiz.webapp.event.EventHandlerException: >>>> Problems processing event: java.lang.IllegalArgumentException: >>>> Could not >>>> find resource bundle [SecurityextUiLabels] in the locale [en_US] >>>> (Could >>>> not find resource bundle [SecurityextUiLabels] in the locale >>>> [en_US]) >>>> >>>> I then logged in again with eh same admin/ofbiz combo and was >>>> back in >>>> the >>>> app. >>>> Anyone know why this is happening? Thanks. >>>> >>>> >>> >>> -- >>> View this message in context: >>> http://www.nabble.com/Multiple-logins-needed- >>> tp22374485p22389286.html >>> Sent from the OFBiz - User mailing list archive at Nabble.com. >>> >> >> >> > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFJsxbyrP3NbaWWqE4RAnhpAKDGpCyXdcC5eJIM1LrG1T8i7rdRmwCgqCPx > YA62kbCmOjrjThBlWNdV28g= > =js4M > -----END PGP SIGNATURE----- |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1 My reason for mentioning the externalLoginKey was to see if a link that ask for login did not have it. but thanks for the explaination. should go in the FAQ's LOL David E Jones sent the following on 3/8/2009 1:25 PM: > > You may be describing a well known issue, and one that is part of the > way the externalLoginKey works (so it is not likely to change). The > externalLoginKey allows you to automatically login to another webapp > without a username/password. In order to do this a new login key is > generated with EVERY request to the server in order to keep it's life > cycle pretty short. As long as it is on a secure/https page when it goes > to the browser it is pretty safe, but it generally comes back to the > server in a URL and so needs to be invalidated immediately so that it > cannot be used again, as that is pretty easy to snoop. > > So, to make it not work is easy: just have a page open in your browser > that has a stale externalLoginKey in its URLS. > > 1. load a page where you are authenticated in tab/window A > 2. right click on a link within the webapp and open it in tab/window B > 3. go back to tab/window A and click on any link that goes to a webapp > that you are not already logged into and that has an externalLoginKey > parameter > > The externalLoginKey will be stale, so that auto-login will fail and you > will be presented with the login form. > > -David > > > On Mar 8, 2009, at 1:30 PM, Vince M. Clark wrote: > >> Here is the only thing I have seen come up in the log so far. I was in >> the CMS application and clicked on the Party tab. I got a login screen >> instead of being logged into PartyMgr automatically. The URL had the >> external login key. Here is the only line I found in the log that >> seems related: >> >> 2009-03-08 13:48:19,806 (http-0.0.0.0-8443-3) [ >> LoginWorker.java:828:WARN ] Could not find userLogin for external >> login key: EL339616443508 >> >> ----- Original Message ----- >> From: "BJ Freeman" <[hidden email]> >> To: [hidden email] >> Sent: Saturday, March 7, 2009 6:38:23 PM (GMT-0700) America/Denver >> Subject: Re: Multiple logins needed >> > to track this done take a look in the URL for something like > externalLoginKey=EL82824678935 > if so then should login > if not then need to track back were someone was when they clicked to go > to the place where the login happend. > > Just a thought > > Jacques Le Roux sent the following on 3/7/2009 8:51 AM: >>>> Thanks to both for confirmation. Hans reported it some time ago, and I >>>> saw it too. >>>> That's why I tested but I did not reproduce. It's a random bug I guess, >>>> hard to trace... We will see anyway... >>>> >>>> Jacques >>>> >>>> From: "Scott." <[hidden email]> >>>>> >>>>> I'm glad its real because I was starting to think I was nuts. I have >>>>> tried >>>>> many times to track it down but never seems to be the same way twice. >>>>> Tried >>>>> different browsers but thats not it. Had the same issue with Vista, XP >>>>> Pro >>>>> and 2003. Every now and then it just asks me for user/pass. It can be 5 >>>>> minutes of no use or 5 seconds. That said, I dont always get the >>>>> error. This >>>>> is something fairly new and I am a user not a developer so I really >>>>> dont >>>>> know what it means. >>>>> >>>>> >>>>> >>>>> Scott. wrote: >>>>>> >>>>>> Hello all, >>>>>> >>>>>> I was seeing what we thought was strange behavior in our ofbiz that >>>>>> kept >>>>>> making us login over and over without any real reason. I have had the >>>>>> same >>>>>> thing using FF3 and IE7 on an XP pro sp2 workstation. It never seems >>>>>> to be >>>>>> the same apps that require you to re-enter so I always put it down to >>>>>> something in our version. Then I decided to try it in on the trunk >>>>>> demo >>>>>> and I got the same result. >>>>>> >>>>>> I logged in originally to the catalogue then work effort, project and >>>>>> then >>>>>> I clicked on order manager. I then got a login screen and I entered >>>>>> admin/ofbiz and got the following; >>>>>> >>>>>> The Following Errors Occurred: >>>>>> >>>>>> Error calling event: org.ofbiz.webapp.event.EventHandlerException: >>>>>> Problems processing event: java.lang.IllegalArgumentException: >>>>>> Could not >>>>>> find resource bundle [SecurityextUiLabels] in the locale [en_US] >>>>>> (Could >>>>>> not find resource bundle [SecurityextUiLabels] in the locale [en_US]) >>>>>> >>>>>> I then logged in again with eh same admin/ofbiz combo and was back in >>>>>> the >>>>>> app. >>>>>> Anyone know why this is happening? Thanks. >>>>>> >>>>>> >>>>> >>>>> -- >>>>> View this message in context: >>>>> http://www.nabble.com/Multiple-logins-needed-tp22374485p22389286.html >>>>> Sent from the OFBiz - User mailing list archive at Nabble.com. >>>>> >>>> >>>> >>>> Version: GnuPG v1.4.6 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJtEDtrP3NbaWWqE4RAikSAJ9aTk0zhqpx7oG5KzimJoKJaXVE+gCgyB1R Axj2p4E4hZw7KXcpUmiPfpo= =m3Nc -----END PGP SIGNATURE----- |
In reply to this post by David E Jones-3
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1 http://docs.ofbiz.org/display/OFBIZ/FAQ+Why+do+I+have+to+login+when+there+is+a+externalLoginKey David E Jones sent the following on 3/8/2009 1:25 PM: > > You may be describing a well known issue, and one that is part of the > way the externalLoginKey works (so it is not likely to change). The > externalLoginKey allows you to automatically login to another webapp > without a username/password. In order to do this a new login key is > generated with EVERY request to the server in order to keep it's life > cycle pretty short. As long as it is on a secure/https page when it goes > to the browser it is pretty safe, but it generally comes back to the > server in a URL and so needs to be invalidated immediately so that it > cannot be used again, as that is pretty easy to snoop. > > So, to make it not work is easy: just have a page open in your browser > that has a stale externalLoginKey in its URLS. > > 1. load a page where you are authenticated in tab/window A > 2. right click on a link within the webapp and open it in tab/window B > 3. go back to tab/window A and click on any link that goes to a webapp > that you are not already logged into and that has an externalLoginKey > parameter > > The externalLoginKey will be stale, so that auto-login will fail and you > will be presented with the login form. > > -David > > > On Mar 8, 2009, at 1:30 PM, Vince M. Clark wrote: > >> Here is the only thing I have seen come up in the log so far. I was in >> the CMS application and clicked on the Party tab. I got a login screen >> instead of being logged into PartyMgr automatically. The URL had the >> external login key. Here is the only line I found in the log that >> seems related: >> >> 2009-03-08 13:48:19,806 (http-0.0.0.0-8443-3) [ >> LoginWorker.java:828:WARN ] Could not find userLogin for external >> login key: EL339616443508 >> >> ----- Original Message ----- >> From: "BJ Freeman" <[hidden email]> >> To: [hidden email] >> Sent: Saturday, March 7, 2009 6:38:23 PM (GMT-0700) America/Denver >> Subject: Re: Multiple logins needed >> > to track this done take a look in the URL for something like > externalLoginKey=EL82824678935 > if so then should login > if not then need to track back were someone was when they clicked to go > to the place where the login happend. > > Just a thought > > Jacques Le Roux sent the following on 3/7/2009 8:51 AM: >>>> Thanks to both for confirmation. Hans reported it some time ago, and I >>>> saw it too. >>>> That's why I tested but I did not reproduce. It's a random bug I guess, >>>> hard to trace... We will see anyway... >>>> >>>> Jacques >>>> >>>> From: "Scott." <[hidden email]> >>>>> >>>>> I'm glad its real because I was starting to think I was nuts. I have >>>>> tried >>>>> many times to track it down but never seems to be the same way twice. >>>>> Tried >>>>> different browsers but thats not it. Had the same issue with Vista, XP >>>>> Pro >>>>> and 2003. Every now and then it just asks me for user/pass. It can be 5 >>>>> minutes of no use or 5 seconds. That said, I dont always get the >>>>> error. This >>>>> is something fairly new and I am a user not a developer so I really >>>>> dont >>>>> know what it means. >>>>> >>>>> >>>>> >>>>> Scott. wrote: >>>>>> >>>>>> Hello all, >>>>>> >>>>>> I was seeing what we thought was strange behavior in our ofbiz that >>>>>> kept >>>>>> making us login over and over without any real reason. I have had the >>>>>> same >>>>>> thing using FF3 and IE7 on an XP pro sp2 workstation. It never seems >>>>>> to be >>>>>> the same apps that require you to re-enter so I always put it down to >>>>>> something in our version. Then I decided to try it in on the trunk >>>>>> demo >>>>>> and I got the same result. >>>>>> >>>>>> I logged in originally to the catalogue then work effort, project and >>>>>> then >>>>>> I clicked on order manager. I then got a login screen and I entered >>>>>> admin/ofbiz and got the following; >>>>>> >>>>>> The Following Errors Occurred: >>>>>> >>>>>> Error calling event: org.ofbiz.webapp.event.EventHandlerException: >>>>>> Problems processing event: java.lang.IllegalArgumentException: >>>>>> Could not >>>>>> find resource bundle [SecurityextUiLabels] in the locale [en_US] >>>>>> (Could >>>>>> not find resource bundle [SecurityextUiLabels] in the locale [en_US]) >>>>>> >>>>>> I then logged in again with eh same admin/ofbiz combo and was back in >>>>>> the >>>>>> app. >>>>>> Anyone know why this is happening? Thanks. >>>>>> >>>>>> >>>>> >>>>> -- >>>>> View this message in context: >>>>> http://www.nabble.com/Multiple-logins-needed-tp22374485p22389286.html >>>>> Sent from the OFBiz - User mailing list archive at Nabble.com. >>>>> >>>> >>>> >>>> Version: GnuPG v1.4.6 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJtEJQrP3NbaWWqE4RAhw6AJ9xB64pm2ITXgqYio2DKv3TLQ1fMgCfZFqj dhGNvJjcA3TAIcfA8v7E4C8= =Y7UI -----END PGP SIGNATURE----- |
In reply to this post by David E Jones-3
Quoting David E Jones <[hidden email]>:
> > You may be describing a well known issue, and one that is part of the > way the externalLoginKey works (so it is not likely to change). The > externalLoginKey allows you to automatically login to another webapp > without a username/password. In order to do this a new login key is > generated with EVERY request to the server in order to keep it's life > cycle pretty short. As long as it is on a secure/https page when it > goes to the browser it is pretty safe, but it generally comes back to > the server in a URL and so needs to be invalidated immediately so that > it cannot be used again, as that is pretty easy to snoop. > > So, to make it not work is easy: just have a page open in your browser > that has a stale externalLoginKey in its URLS. > > 1. load a page where you are authenticated in tab/window A > 2. right click on a link within the webapp and open it in tab/window B > 3. go back to tab/window A and click on any link that goes to a webapp > that you are not already logged into and that has an externalLoginKey > parameter > > The externalLoginKey will be stale, so that auto-login will fail and > you will be presented with the login form. > I was wondering why externalLoginKey is not a cookie? Probably because of security reasons, but if it was a cookie, it would have a short life cycle as JSESSIONID cookie (the cookie value will be updated on every request) and working on many browser tabs at the same time wouldn't require multiple logins. Bilgin ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. |
On Mar 11, 2009, at 5:16 PM, Bilgin Ibryam wrote: > Quoting David E Jones <[hidden email]>: > >> >> You may be describing a well known issue, and one that is part of the >> way the externalLoginKey works (so it is not likely to change). The >> externalLoginKey allows you to automatically login to another webapp >> without a username/password. In order to do this a new login key is >> generated with EVERY request to the server in order to keep it's life >> cycle pretty short. As long as it is on a secure/https page when it >> goes to the browser it is pretty safe, but it generally comes back to >> the server in a URL and so needs to be invalidated immediately so >> that >> it cannot be used again, as that is pretty easy to snoop. >> >> So, to make it not work is easy: just have a page open in your >> browser >> that has a stale externalLoginKey in its URLS. >> >> 1. load a page where you are authenticated in tab/window A >> 2. right click on a link within the webapp and open it in tab/ >> window B >> 3. go back to tab/window A and click on any link that goes to a >> webapp >> that you are not already logged into and that has an externalLoginKey >> parameter >> >> The externalLoginKey will be stale, so that auto-login will fail and >> you will be presented with the login form. >> > > I was wondering why externalLoginKey is not a cookie? Probably > because of security reasons, but if it was a cookie, it would have a > short life cycle as JSESSIONID cookie (the cookie value will be > updated on every request) and working on many browser tabs at the > same time wouldn't require multiple logins. That's a good idea. In theory even if the externalLoginKey were updated with every request the cookie in the browser (if there is only one cookie) then it would be updated and even other tabs and windows should use that with their request. There is a still a chance that 2 requests could end up in a race condition where one gets in and causes the server-side key to update even though the other request is on its way out and gets there after the server key is updated, but still using the old key from the client cookie. Anyway, this is a good idea and the only reason I can think of to not do it is the one you mentioned, ie the security of cookies. It is very easy to spoof cookie domain names and get cookies from other sites... it's a "feature" of cookies that causes problems. There may be ways to protect a cookie better, like encrypting it, but even if the key is secret on the server a fast attacker, or one that finds a session that has been idle for a while, then it can still get the encrypted value and the server wouldn't know if it came from a valid client or a forged one. Sorry, was thinking out loud... I'm not sure if there is a good enough way to protect the cookie... and considering that this would be substitution for the username and password, I'm not sure I like it (I even have reservations about the current externalLoginKey... but a better alternative is tricky...). -David |
In reply to this post by Scott.
hey,I got the same error
I have no idea the following is my step 1、down the ofbiz package from website today 2、change the database for mysql5 3、don't load application directory and the specialpurpose directory 4、don't load the compentment of testtools and the example in the directory of framework and I change the port from 8080 to 80 5、my jdk is 1.5 and the development server is windows xp 6、I go into the directory of ofbiz.and then run "clean-all" ,I run "run-install" after last command 7、then I start the ofbiz by type "startofbiz.bat" in cmd and then I login in the webtools. I get the errors as follow "The Following Errors Occurred: The following error occurred during login: Service target threw an unexpected exception (Could not find resource bundle [SecurityextUiLabels] in the locale [zh_CN]) " by the way .I am from China. |
In reply to this post by David E Jones-3
I agree cookies are not secure and so not a good candite for keeping
externalLoginKeys. It would be great if browsers could store such information in more secure places (like in memory) and send it with every request... Anyway, I guest 3 more cases when externalLoginKey are "expired" and login is required: 1. This one is already fixed, I put it here only informative. Last week form widget links were rendered with empty src=" " tag, this cause the brawser to make a new request to the same url, and rendering the same page expires the externalLoginKeys. 2. Clickin on lookup button. 3. Ajax events which render screens (like ajax pagiantion and ajax drop downs). For solving 2 and 3 I guess two ways: Mark some of the requrest (actually better the views in controller)so they don't generate new externalLoginKeys. Or add a request parameter to every request which should not generate new externalLoginKey. WDYT? Other proposals? Bilgin On Mar 12, 2009, at 7:19 AM, David E Jones wrote: > > On Mar 11, 2009, at 5:16 PM, Bilgin Ibryam wrote: > >> Quoting David E Jones <[hidden email]>: >> >>> >>> You may be describing a well known issue, and one that is part of >>> the >>> way the externalLoginKey works (so it is not likely to change). The >>> externalLoginKey allows you to automatically login to another webapp >>> without a username/password. In order to do this a new login key is >>> generated with EVERY request to the server in order to keep it's >>> life >>> cycle pretty short. As long as it is on a secure/https page when it >>> goes to the browser it is pretty safe, but it generally comes back >>> to >>> the server in a URL and so needs to be invalidated immediately so >>> that >>> it cannot be used again, as that is pretty easy to snoop. >>> >>> So, to make it not work is easy: just have a page open in your >>> browser >>> that has a stale externalLoginKey in its URLS. >>> >>> 1. load a page where you are authenticated in tab/window A >>> 2. right click on a link within the webapp and open it in tab/ >>> window B >>> 3. go back to tab/window A and click on any link that goes to a >>> webapp >>> that you are not already logged into and that has an >>> externalLoginKey >>> parameter >>> >>> The externalLoginKey will be stale, so that auto-login will fail and >>> you will be presented with the login form. >>> >> >> I was wondering why externalLoginKey is not a cookie? Probably >> because of security reasons, but if it was a cookie, it would have >> a short life cycle as JSESSIONID cookie (the cookie value will be >> updated on every request) and working on many browser tabs at the >> same time wouldn't require multiple logins. > > That's a good idea. In theory even if the externalLoginKey were > updated with every request the cookie in the browser (if there is > only one cookie) then it would be updated and even other tabs and > windows should use that with their request. There is a still a > chance that 2 requests could end up in a race condition where one > gets in and causes the server-side key to update even though the > other request is on its way out and gets there after the server key > is updated, but still using the old key from the client cookie. > > Anyway, this is a good idea and the only reason I can think of to > not do it is the one you mentioned, ie the security of cookies. It > is very easy to spoof cookie domain names and get cookies from other > sites... it's a "feature" of cookies that causes problems. > > There may be ways to protect a cookie better, like encrypting it, > but even if the key is secret on the server a fast attacker, or one > that finds a session that has been idle for a while, then it can > still get the encrypted value and the server wouldn't know if it > came from a valid client or a forged one. > > Sorry, was thinking out loud... I'm not sure if there is a good > enough way to protect the cookie... and considering that this would > be substitution for the username and password, I'm not sure I like > it (I even have reservations about the current externalLoginKey... > but a better alternative is tricky...). > > -David > > |
Administrator
|
In reply to this post by kongqz
Any interesting log snippet around the error ? Is it reprodutible ? R.r (Release.revision) ?
Thanks Jacques From: "kongqz" <[hidden email]> > > hey,I got the same error > I have no idea > the following is my step > 1、down the ofbiz package from website today > 2、change the database for mysql5 > 3、don't load application directory and the specialpurpose directory > 4、don't load the compentment of testtools and the example in the directory > of framework > and I change the port from 8080 to 80 > 5、my jdk is 1.5 and the development server is windows xp > 6、I go into the directory of ofbiz.and then run "clean-all" ,I run > "run-install" after last command > 7、then I start the ofbiz by type "startofbiz.bat" in cmd > and then I login in the webtools. > I get the errors as follow > "The Following Errors Occurred: > > The following error occurred during login: Service target threw an > unexpected exception (Could not find resource bundle [SecurityextUiLabels] > in the locale [zh_CN]) > " > by the way .I am from China. > > -- > View this message in context: http://www.nabble.com/Multiple-logins-needed-tp22374485p22491095.html > Sent from the OFBiz - User mailing list archive at Nabble.com. > > |
I can reproduce is on demo server, but not locally. Here are the steps
1. From ofbiz site, using the demo links log in to trunk 2. Log out 3. Enter a wrong password and try to log in. I got this error message: Error calling event: org.ofbiz.webapp.event.EventHandlerException: Problems processing event: java.lang.IllegalArgumentException: Could not find resource bundle [SecurityextUiLabels] in the locale [en_US] (Could not find resource bundle [SecurityextUiLabels] in the locale [en_US]) Bilgin On Mar 13, 2009, at 12:23 PM, Jacques Le Roux wrote: > Any interesting log snippet around the error ? Is it reprodutible ? > R.r (Release.revision) ? > > Thanks > > Jacques > > From: "kongqz" <[hidden email]> >> >> hey,I got the same error >> I have no idea >> the following is my step >> 1、down the ofbiz package from website today >> 2、change the database for mysql5 >> 3、don't load application directory and the specialpurpose directory >> 4、don't load the compentment of testtools and the example in the >> directory >> of framework >> and I change the port from 8080 to 80 >> 5、my jdk is 1.5 and the development server is windows xp >> 6、I go into the directory of ofbiz.and then run "clean-all" ,I run >> "run-install" after last command >> 7、then I start the ofbiz by type "startofbiz.bat" in cmd >> and then I login in the webtools. >> I get the errors as follow >> "The Following Errors Occurred: >> >> The following error occurred during login: Service target threw an >> unexpected exception (Could not find resource bundle >> [SecurityextUiLabels] >> in the locale [zh_CN]) >> " >> by the way .I am from China. >> >> -- >> View this message in context: http://www.nabble.com/Multiple-logins-needed-tp22374485p22491095.html >> Sent from the OFBiz - User mailing list archive at Nabble.com. >> > > |
In reply to this post by Bilgin Ibryam
On Mar 13, 2009, at 3:58 AM, Bilgin Ibryam wrote: > 2. Clickin on lookup button. > 3. Ajax events which render screens (like ajax pagiantion and ajax > drop downs). Have you actually observed either of these? If there are issues like this anywhere it is because of bad coding. Lookup windows and ajax requests should always be in the same webapp, and can participate in the existing session. The externalLoginKey is only for situations where you are jumping to different webapps, and there is no reason to do that for lookups and AJAX stuff (especially since you can generally add about 2 lines of XML to the controller.xml file to reuse resources even if they are defined in another component). -David > For solving 2 and 3 I guess two ways: > Mark some of the requrest (actually better the views in > controller)so they don't generate new externalLoginKeys. > Or add a request parameter to every request which should not > generate new externalLoginKey. > > WDYT? Other proposals? > > Bilgin > On Mar 12, 2009, at 7:19 AM, David E Jones wrote: > >> >> On Mar 11, 2009, at 5:16 PM, Bilgin Ibryam wrote: >> >>> Quoting David E Jones <[hidden email]>: >>> >>>> >>>> You may be describing a well known issue, and one that is part of >>>> the >>>> way the externalLoginKey works (so it is not likely to change). The >>>> externalLoginKey allows you to automatically login to another >>>> webapp >>>> without a username/password. In order to do this a new login key is >>>> generated with EVERY request to the server in order to keep it's >>>> life >>>> cycle pretty short. As long as it is on a secure/https page when it >>>> goes to the browser it is pretty safe, but it generally comes >>>> back to >>>> the server in a URL and so needs to be invalidated immediately so >>>> that >>>> it cannot be used again, as that is pretty easy to snoop. >>>> >>>> So, to make it not work is easy: just have a page open in your >>>> browser >>>> that has a stale externalLoginKey in its URLS. >>>> >>>> 1. load a page where you are authenticated in tab/window A >>>> 2. right click on a link within the webapp and open it in tab/ >>>> window B >>>> 3. go back to tab/window A and click on any link that goes to a >>>> webapp >>>> that you are not already logged into and that has an >>>> externalLoginKey >>>> parameter >>>> >>>> The externalLoginKey will be stale, so that auto-login will fail >>>> and >>>> you will be presented with the login form. >>>> >>> >>> I was wondering why externalLoginKey is not a cookie? Probably >>> because of security reasons, but if it was a cookie, it would have >>> a short life cycle as JSESSIONID cookie (the cookie value will be >>> updated on every request) and working on many browser tabs at the >>> same time wouldn't require multiple logins. >> >> That's a good idea. In theory even if the externalLoginKey were >> updated with every request the cookie in the browser (if there is >> only one cookie) then it would be updated and even other tabs and >> windows should use that with their request. There is a still a >> chance that 2 requests could end up in a race condition where one >> gets in and causes the server-side key to update even though the >> other request is on its way out and gets there after the server key >> is updated, but still using the old key from the client cookie. >> >> Anyway, this is a good idea and the only reason I can think of to >> not do it is the one you mentioned, ie the security of cookies. It >> is very easy to spoof cookie domain names and get cookies from >> other sites... it's a "feature" of cookies that causes problems. >> >> There may be ways to protect a cookie better, like encrypting it, >> but even if the key is secret on the server a fast attacker, or one >> that finds a session that has been idle for a while, then it can >> still get the encrypted value and the server wouldn't know if it >> came from a valid client or a forged one. >> >> Sorry, was thinking out loud... I'm not sure if there is a good >> enough way to protect the cookie... and considering that this would >> be substitution for the username and password, I'm not sure I like >> it (I even have reservations about the current externalLoginKey... >> but a better alternative is tricky...). >> >> -David >> >> > |
On Mar 13, 2009, at 10:12 PM, David E Jones wrote: > > On Mar 13, 2009, at 3:58 AM, Bilgin Ibryam wrote: > >> 2. Clickin on lookup button. >> 3. Ajax events which render screens (like ajax pagiantion and ajax >> drop downs). > > Have you actually observed either of these? If there are issues like > this anywhere it is because of bad coding. Lookup windows and ajax > requests should always be in the same webapp, and can participate in > the existing session. ajax are request in the same webapp, but the problem is that the method for generating new externalLoginKey is invoked from ScreenRender.populateContextForRequest before a screen is rendered. So whenever a screen is rendered (this include also lookup and ajax screens) new externalLoginKey is generated and expires the one on the main page. > > > The externalLoginKey is only for situations where you are jumping to > different webapps, and there is no reason to do that for lookups and > AJAX stuff (especially since you can generally add about 2 lines of > XML to the controller.xml file to reuse resources even if they are > defined in another component). I think I was not clear. For ajax and lookups externalLoginKey is not used, but during the rendering the lookup or ajax response screen, a new externalLoginKey is generated, and this expires externalLoginKey on the main page. So if you try to jump to another application exactly after lookup or ajax pagination or ajax sorting use, login will be required. Looking more for it, I see that ScreenTextViewHandler, ScreenXmlViewHandler and ScreenFopViewHandler also call ScreenRenderer.populateContextForRequest method, and cause generating new externalLoginKey, but this view handlers don't need externalLoginKey at all. Any advice how to fix all that? Bilgin > > > -David > > >> For solving 2 and 3 I guess two ways: >> Mark some of the requrest (actually better the views in >> controller)so they don't generate new externalLoginKeys. >> Or add a request parameter to every request which should not >> generate new externalLoginKey. >> >> WDYT? Other proposals? >> >> Bilgin >> On Mar 12, 2009, at 7:19 AM, David E Jones wrote: >> >>> >>> On Mar 11, 2009, at 5:16 PM, Bilgin Ibryam wrote: >>> >>>> Quoting David E Jones <[hidden email]>: >>>> >>>>> >>>>> You may be describing a well known issue, and one that is part >>>>> of the >>>>> way the externalLoginKey works (so it is not likely to change). >>>>> The >>>>> externalLoginKey allows you to automatically login to another >>>>> webapp >>>>> without a username/password. In order to do this a new login key >>>>> is >>>>> generated with EVERY request to the server in order to keep it's >>>>> life >>>>> cycle pretty short. As long as it is on a secure/https page when >>>>> it >>>>> goes to the browser it is pretty safe, but it generally comes >>>>> back to >>>>> the server in a URL and so needs to be invalidated immediately >>>>> so that >>>>> it cannot be used again, as that is pretty easy to snoop. >>>>> >>>>> So, to make it not work is easy: just have a page open in your >>>>> browser >>>>> that has a stale externalLoginKey in its URLS. >>>>> >>>>> 1. load a page where you are authenticated in tab/window A >>>>> 2. right click on a link within the webapp and open it in tab/ >>>>> window B >>>>> 3. go back to tab/window A and click on any link that goes to a >>>>> webapp >>>>> that you are not already logged into and that has an >>>>> externalLoginKey >>>>> parameter >>>>> >>>>> The externalLoginKey will be stale, so that auto-login will fail >>>>> and >>>>> you will be presented with the login form. >>>>> >>>> >>>> I was wondering why externalLoginKey is not a cookie? Probably >>>> because of security reasons, but if it was a cookie, it would >>>> have a short life cycle as JSESSIONID cookie (the cookie value >>>> will be updated on every request) and working on many browser >>>> tabs at the same time wouldn't require multiple logins. >>> >>> That's a good idea. In theory even if the externalLoginKey were >>> updated with every request the cookie in the browser (if there is >>> only one cookie) then it would be updated and even other tabs and >>> windows should use that with their request. There is a still a >>> chance that 2 requests could end up in a race condition where one >>> gets in and causes the server-side key to update even though the >>> other request is on its way out and gets there after the server >>> key is updated, but still using the old key from the client cookie. >>> >>> Anyway, this is a good idea and the only reason I can think of to >>> not do it is the one you mentioned, ie the security of cookies. It >>> is very easy to spoof cookie domain names and get cookies from >>> other sites... it's a "feature" of cookies that causes problems. >>> >>> There may be ways to protect a cookie better, like encrypting it, >>> but even if the key is secret on the server a fast attacker, or >>> one that finds a session that has been idle for a while, then it >>> can still get the encrypted value and the server wouldn't know if >>> it came from a valid client or a forged one. >>> >>> Sorry, was thinking out loud... I'm not sure if there is a good >>> enough way to protect the cookie... and considering that this >>> would be substitution for the username and password, I'm not sure >>> I like it (I even have reservations about the current >>> externalLoginKey... but a better alternative is tricky...). >>> >>> -David >>> >>> >> > |
Administrator
|
In reply to this post by Bilgin Ibryam
Thanks Bilgin,
I checked the log and then asked Contegix people to revert this file (framework/common/config/SecurityextUiLabels.xml) cetainly a merging issue BTW I got also this eror while trying to use Labels Manager on demo server 2009-03-15 08:26:26,651 (TP-Processor3) [ ModelScreen.java:409:ERROR] Error rendering screen [component://webtools/widget/LabelManagerScreens.xml#SearchLabels]: org.ofbiz.base.util.GeneralException: Error running Groovy script at location [component://webtools/webapp/webtools/WEB-INF/actions/labelmanager/LabelManager.groovy] (The content of elements must consist of well-formed character data or markup.). Rolling back transaction. I hope it's related (would fix 2 errors in one shoot :o) Jacques From: "Bilgin Ibryam" <[hidden email]> >I can reproduce is on demo server, but not locally. Here are the steps > 1. From ofbiz site, using the demo links log in to trunk > 2. Log out > 3. Enter a wrong password and try to log in. > > I got this error message: > > Error calling event: org.ofbiz.webapp.event.EventHandlerException: Problems processing event: java.lang.IllegalArgumentException: > Could not find resource bundle [SecurityextUiLabels] in the locale [en_US] (Could not find resource bundle [SecurityextUiLabels] > in the locale [en_US]) > > Bilgin > > On Mar 13, 2009, at 12:23 PM, Jacques Le Roux wrote: > >> Any interesting log snippet around the error ? Is it reprodutible ? R.r (Release.revision) ? >> >> Thanks >> >> Jacques >> >> From: "kongqz" <[hidden email]> >>> >>> hey,I got the same error >>> I have no idea >>> the following is my step >>> 1、down the ofbiz package from website today >>> 2、change the database for mysql5 >>> 3、don't load application directory and the specialpurpose directory >>> 4、don't load the compentment of testtools and the example in the directory >>> of framework >>> and I change the port from 8080 to 80 >>> 5、my jdk is 1.5 and the development server is windows xp >>> 6、I go into the directory of ofbiz.and then run "clean-all" ,I run >>> "run-install" after last command >>> 7、then I start the ofbiz by type "startofbiz.bat" in cmd >>> and then I login in the webtools. >>> I get the errors as follow >>> "The Following Errors Occurred: >>> >>> The following error occurred during login: Service target threw an >>> unexpected exception (Could not find resource bundle [SecurityextUiLabels] >>> in the locale [zh_CN]) >>> " >>> by the way .I am from China. >>> >>> -- >>> View this message in context: http://www.nabble.com/Multiple-logins-needed-tp22374485p22491095.html >>> Sent from the OFBiz - User mailing list archive at Nabble.com. >>> >> >> > > |
Administrator
|
This has not fixed the issue
Jacques From: "Jacques Le Roux" <[hidden email]> > Thanks Bilgin, > > I checked the log and then asked Contegix people to revert this file (framework/common/config/SecurityextUiLabels.xml) cetainly a > merging issue > > BTW I got also this eror while trying to use Labels Manager on demo server > > 2009-03-15 08:26:26,651 (TP-Processor3) [ ModelScreen.java:409:ERROR] Error rendering screen > [component://webtools/widget/LabelManagerScreens.xml#SearchLabels]: org.ofbiz.base.util.GeneralException: Error running Groovy > script at location [component://webtools/webapp/webtools/WEB-INF/actions/labelmanager/LabelManager.groovy] (The content of > elements > must consist of well-formed character data or markup.). Rolling back transaction. > > I hope it's related (would fix 2 errors in one shoot :o) > > Jacques > > From: "Bilgin Ibryam" <[hidden email]> >>I can reproduce is on demo server, but not locally. Here are the steps >> 1. From ofbiz site, using the demo links log in to trunk >> 2. Log out >> 3. Enter a wrong password and try to log in. >> >> I got this error message: >> >> Error calling event: org.ofbiz.webapp.event.EventHandlerException: Problems processing event: >> java.lang.IllegalArgumentException: >> Could not find resource bundle [SecurityextUiLabels] in the locale [en_US] (Could not find resource bundle >> [SecurityextUiLabels] >> in the locale [en_US]) >> >> Bilgin >> >> On Mar 13, 2009, at 12:23 PM, Jacques Le Roux wrote: >> >>> Any interesting log snippet around the error ? Is it reprodutible ? R.r (Release.revision) ? >>> >>> Thanks >>> >>> Jacques >>> >>> From: "kongqz" <[hidden email]> >>>> >>>> hey,I got the same error >>>> I have no idea >>>> the following is my step >>>> 1、down the ofbiz package from website today >>>> 2、change the database for mysql5 >>>> 3、don't load application directory and the specialpurpose directory >>>> 4、don't load the compentment of testtools and the example in the directory >>>> of framework >>>> and I change the port from 8080 to 80 >>>> 5、my jdk is 1.5 and the development server is windows xp >>>> 6、I go into the directory of ofbiz.and then run "clean-all" ,I run >>>> "run-install" after last command >>>> 7、then I start the ofbiz by type "startofbiz.bat" in cmd >>>> and then I login in the webtools. >>>> I get the errors as follow >>>> "The Following Errors Occurred: >>>> >>>> The following error occurred during login: Service target threw an >>>> unexpected exception (Could not find resource bundle [SecurityextUiLabels] >>>> in the locale [zh_CN]) >>>> " >>>> by the way .I am from China. >>>> >>>> -- >>>> View this message in context: http://www.nabble.com/Multiple-logins-needed-tp22374485p22491095.html >>>> Sent from the OFBiz - User mailing list archive at Nabble.com. >>>> >>> >>> >> >> > > |
Free forum by Nabble | Edit this page |