Unable to set the autoLogin Cookie when mount-point is set as an empty string
Locked
Unable to set the autoLogin Cookie when mount-point is set as an empty string
 
|
Hello all,
In the method to set the autoLogin cookie, LoginWorker.autoLoginSet(), system fetches the webAppInfo by using the method ComponentConfig.getWebappInfo(). In this method, serverId and applicationName are passed as the arguments. *WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) context.getAttribute("_serverId"), UtilHttp.getApplicationName(request));* If the mount-point of the web app is set as an empty string, then 'root' will be used as the application name, due to which the object webAppInfo will come null. If the webAppInfo is null then the autoLogin cookie will not be created and added to the response object by the system. Suggestions are welcomed to handle this scenario. Thanks & Regards -- Deepak Nigam HotWax Systems Pvt. Ltd |
Re: Unable to set the autoLogin Cookie when mount-point is set as an empty string
Administrator
|
Thanks Deepak,
I'll have a look ASAP Jadques Le 10/01/2019 à 09:26, Deepak Nigam a écrit : > Hello all, > > In the method to set the autoLogin cookie, LoginWorker.autoLoginSet(), > system fetches the webAppInfo by using the > method ComponentConfig.getWebappInfo(). In this method, serverId and > applicationName are passed as the arguments. > > *WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) > context.getAttribute("_serverId"), UtilHttp.getApplicationName(request));* > > If the mount-point of the web app is set as an empty string, then 'root' > will be used as the application name, due to which the object webAppInfo > will come null. If the webAppInfo is null then the autoLogin cookie will > not be created and added to the response object by the system. > > Suggestions are welcomed to handle this scenario. > > > Thanks & Regards > -- > Deepak Nigam > HotWax Systems Pvt. Ltd > |
Re: Unable to set the autoLogin Cookie when mount-point is set as an empty string
|
Administrator
|
In reply to this post by deepak nigam-2
Hi Deepak,
It's not a problem if we create an autologin cookie even if it's not used, just unclean. So in this case we could force the same cookie values but the name and path to "root". But what happens if we have several empty mountpoints, is that a problem? I guess if we deploy on root there is only 1 webapp? It would be good to reuse OFBIZ-10635 to keep the information there, thanks. HTH Jacques Le 10/01/2019 à 09:26, Deepak Nigam a écrit : > Hello all, > > In the method to set the autoLogin cookie, LoginWorker.autoLoginSet(), > system fetches the webAppInfo by using the > method ComponentConfig.getWebappInfo(). In this method, serverId and > applicationName are passed as the arguments. > > *WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) > context.getAttribute("_serverId"), UtilHttp.getApplicationName(request));* > > If the mount-point of the web app is set as an empty string, then 'root' > will be used as the application name, due to which the object webAppInfo > will come null. If the webAppInfo is null then the autoLogin cookie will > not be created and added to the response object by the system. > > Suggestions are welcomed to handle this scenario. > > > Thanks & Regards > -- > Deepak Nigam > HotWax Systems Pvt. Ltd > |
Re: Unable to set the autoLogin Cookie when mount-point is set as an empty string
|
|
Thank you, Jacques, for looking into it.
In my case, there is only one webapp with the empty mount point and I want to use the autoLogin cookie. But the code is written in such a way that in case of empty mount point 'webappInfo' object is coming null due to which autoLogin cookie is not getting created and added in the response object. UtilHttp.getApplicationName(request) method is returning the string 'root' and ComponentConfig.getWebappInfo((String) context.getAttribute("_serverId"), UtilHttp.getApplicationName(request)) is trying to find the webapp using the mountpoint 'root' and hence unable to find it. Please refer the below code for more information: ======================================================================================================================== // Set an autologin cookie for the webapp if it requests it public static String autoLoginSet(HttpServletRequest request, HttpServletResponse response) { Delegator delegator = (Delegator) request.getAttribute("delegator"); HttpSession session = request.getSession(); GenericValue userLogin = (GenericValue) session.getAttribute("userLogin"); ServletContext context = request.getServletContext(); WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) context.getAttribute("_serverId"), UtilHttp.getApplicationName(request)); if (userLogin != null && webappInfo != null && webappInfo.isAutologinCookieUsed()) { Cookie autoLoginCookie = new Cookie(getAutoLoginCookieName(request), userLogin.getString("userLoginId")); autoLoginCookie.setMaxAge(60 * 60 * 24 * 365); autoLoginCookie.setDomain(EntityUtilProperties.getPropertyValue("url", "cookie.domain", delegator)); autoLoginCookie.setPath("/" + UtilHttp.getApplicationName(request).replaceAll("/","_")); autoLoginCookie.setSecure(true); autoLoginCookie.setHttpOnly(true); response.addCookie(autoLoginCookie); return autoLoginCheck(delegator, session, userLogin.getString("userLoginId")); } else { return "success"; } } ====================================================================================================== public static WebappInfo getWebappInfo(String serverName, String webAppName) { WebappInfo webappInfo = null; List<WebappInfo> webappsInfo = getAppBarWebInfos(serverName); for(WebappInfo currApp : webappsInfo) { String currWebAppName = currApp.getMountPoint().replace("/", "").replace("*", ""); if (webAppName.equals(currWebAppName)) { webappInfo = currApp; break; } } return webappInfo; } ========================================================================================================================= On Thu, Jan 10, 2019 at 7:31 PM Jacques Le Roux < [hidden email]> wrote: > Hi Deepak, > > It's not a problem if we create an autologin cookie even if it's not used, > just unclean. > So in this case we could force the same cookie values but the name and > path to "root". > > But what happens if we have several empty mountpoints, is that a problem? > I guess if we deploy on root there is only 1 webapp? > > It would be good to reuse OFBIZ-10635 to keep the information there, > thanks. > > HTH > > Jacques > > Le 10/01/2019 à 09:26, Deepak Nigam a écrit : > > Hello all, > > > > In the method to set the autoLogin cookie, LoginWorker.autoLoginSet(), > > system fetches the webAppInfo by using the > > method ComponentConfig.getWebappInfo(). In this method, serverId and > > applicationName are passed as the arguments. > > > > *WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) > > context.getAttribute("_serverId"), > UtilHttp.getApplicationName(request));* > > > > If the mount-point of the web app is set as an empty string, then 'root' > > will be used as the application name, due to which the object webAppInfo > > will come null. If the webAppInfo is null then the autoLogin cookie will > > not be created and added to the response object by the system. > > > > Suggestions are welcomed to handle this scenario. > > > > > > Thanks & Regards > > -- > > Deepak Nigam > > HotWax Systems Pvt. Ltd > > > |
Re: Unable to set the autoLogin Cookie when mount-point is set as an empty string
|
|
Hello,
Deepak Nigam <[hidden email]> writes: > Thank you, Jacques, for looking into it. > > In my case, there is only one webapp with the empty mount point and I want > to use the autoLogin cookie. But the code is written in such a way that in > case of empty mount point 'webappInfo' object is coming null due to which > autoLogin cookie is not getting created and added in the response object. > UtilHttp.getApplicationName(request) method is returning the string 'root' > and ComponentConfig.getWebappInfo((String) > context.getAttribute("_serverId"), UtilHttp.getApplicationName(request)) is > trying to find the webapp using the mountpoint 'root' and hence unable to > find it. > > Please refer the below code for more information: After a quick look, It seems that the code you are refering to is being modified (and hopefully improved) by the patch series I submitted a few months ago in OFBIZ-10606 [1]. Jacques has started the review process in last november. If you have some time, I would appreciate if you could check if the issue you are describing is still present there and maybe propose a way to fix the issue if that is the case. Thanks. [1] https://issues.apache.org/jira/browse/OFBIZ-10606 -- Mathieu Lirzin GPG: F2A3 8D7E EB2B 6640 5761 070D 0ADE E100 9460 4D37 |
Re: Unable to set the autoLogin Cookie when mount-point is set as an empty string
|
Administrator
|
In reply to this post by deepak nigam-2
Hi Deepak,
This works: Index: framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java =================================================================== --- framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java (révision 1851027) +++ framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java (copie de travail) @@ -923,13 +923,16 @@ HttpSession session = request.getSession(); GenericValue userLogin = (GenericValue) session.getAttribute("userLogin"); ServletContext context = request.getServletContext(); - WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) context.getAttribute("_serverId"), UtilHttp.getApplicationName(request)); + String applicationName = UtilHttp.getApplicationName(request); + WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) context.getAttribute("_serverId"), applicationName); - if (userLogin != null && webappInfo != null && webappInfo.isAutologinCookieUsed()) { + if (userLogin != null && + (webappInfo != null && webappInfo.isAutologinCookieUsed()) + || webappInfo == null) { // When using an empty mounpoint, ie using root as mounpoint. Beware: works only for 1 webapp! Cookie autoLoginCookie = new Cookie(getAutoLoginCookieName(request), userLogin.getString("userLoginId")); autoLoginCookie.setMaxAge(60 * 60 * 24 * 365); autoLoginCookie.setDomain(EntityUtilProperties.getPropertyValue("url", "cookie.domain", delegator)); - autoLoginCookie.setPath("/" + UtilHttp.getApplicationName(request).replaceAll("/","_")); + autoLoginCookie.setPath("/" + applicationName.replaceAll("/","_")); autoLoginCookie.setSecure(true); autoLoginCookie.setHttpOnly(true); response.addCookie(autoLoginCookie); Please try it and reuse OFBIZ-10635if it's OK with you Thanks Jacques Le 11/01/2019 à 05:16, Deepak Nigam a écrit : > Thank you, Jacques, for looking into it. > > In my case, there is only one webapp with the empty mount point and I want > to use the autoLogin cookie. But the code is written in such a way that in > case of empty mount point 'webappInfo' object is coming null due to which > autoLogin cookie is not getting created and added in the response object. > UtilHttp.getApplicationName(request) method is returning the string 'root' > and ComponentConfig.getWebappInfo((String) > context.getAttribute("_serverId"), UtilHttp.getApplicationName(request)) is > trying to find the webapp using the mountpoint 'root' and hence unable to > find it. > > Please refer the below code for more information: > > ======================================================================================================================== > > // Set an autologin cookie for the webapp if it requests it > public static String autoLoginSet(HttpServletRequest request, > HttpServletResponse response) { > Delegator delegator = (Delegator) request.getAttribute("delegator"); > HttpSession session = request.getSession(); > GenericValue userLogin = (GenericValue) session.getAttribute("userLogin"); > ServletContext context = request.getServletContext(); > WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) > context.getAttribute("_serverId"), > UtilHttp.getApplicationName(request)); > > if (userLogin != null && webappInfo != null && > webappInfo.isAutologinCookieUsed()) { > Cookie autoLoginCookie = new > Cookie(getAutoLoginCookieName(request), > userLogin.getString("userLoginId")); > autoLoginCookie.setMaxAge(60 * 60 * 24 * 365); > autoLoginCookie.setDomain(EntityUtilProperties.getPropertyValue("url", > "cookie.domain", delegator)); > autoLoginCookie.setPath("/" + > UtilHttp.getApplicationName(request).replaceAll("/","_")); > autoLoginCookie.setSecure(true); > autoLoginCookie.setHttpOnly(true); > response.addCookie(autoLoginCookie); > return autoLoginCheck(delegator, session, > userLogin.getString("userLoginId")); > } else { > return "success"; > } > } > > ====================================================================================================== > > public static WebappInfo getWebappInfo(String serverName, String webAppName) { > WebappInfo webappInfo = null; > List<WebappInfo> webappsInfo = getAppBarWebInfos(serverName); > for(WebappInfo currApp : webappsInfo) { > String currWebAppName = currApp.getMountPoint().replace("/", > "").replace("*", ""); > if (webAppName.equals(currWebAppName)) { > webappInfo = currApp; > break; > } > } > return webappInfo; > } > > ========================================================================================================================= > > > On Thu, Jan 10, 2019 at 7:31 PM Jacques Le Roux < > [hidden email]> wrote: > >> Hi Deepak, >> >> It's not a problem if we create an autologin cookie even if it's not used, >> just unclean. >> So in this case we could force the same cookie values but the name and >> path to "root". >> >> But what happens if we have several empty mountpoints, is that a problem? >> I guess if we deploy on root there is only 1 webapp? >> >> It would be good to reuse OFBIZ-10635 to keep the information there, >> thanks. >> >> HTH >> >> Jacques >> >> Le 10/01/2019 à 09:26, Deepak Nigam a écrit : >>> Hello all, >>> >>> In the method to set the autoLogin cookie, LoginWorker.autoLoginSet(), >>> system fetches the webAppInfo by using the >>> method ComponentConfig.getWebappInfo(). In this method, serverId and >>> applicationName are passed as the arguments. >>> >>> *WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) >>> context.getAttribute("_serverId"), >> UtilHttp.getApplicationName(request));* >>> If the mount-point of the web app is set as an empty string, then 'root' >>> will be used as the application name, due to which the object webAppInfo >>> will come null. If the webAppInfo is null then the autoLogin cookie will >>> not be created and added to the response object by the system. >>> >>> Suggestions are welcomed to handle this scenario. >>> >>> >>> Thanks & Regards >>> -- >>> Deepak Nigam >>> HotWax Systems Pvt. Ltd >>> |
Re: Unable to set the autoLogin Cookie when mount-point is set as an empty string
|
Administrator
|
Forgot to say, for that to work OOTB you need to set
stats.persist.visit=ftrue stats.persist.visitor=ftrue Le 11/01/2019 à 11:48, Jacques Le Roux a écrit : > Hi Deepak, > > This works: > > Index: framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java > =================================================================== > --- framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java (révision 1851027) > +++ framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java (copie de travail) > @@ -923,13 +923,16 @@ > HttpSession session = request.getSession(); > GenericValue userLogin = (GenericValue) session.getAttribute("userLogin"); > ServletContext context = request.getServletContext(); > - WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) context.getAttribute("_serverId"), UtilHttp.getApplicationName(request)); > + String applicationName = UtilHttp.getApplicationName(request); > + WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) context.getAttribute("_serverId"), applicationName); > > - if (userLogin != null && webappInfo != null && webappInfo.isAutologinCookieUsed()) { > + if (userLogin != null && > + (webappInfo != null && webappInfo.isAutologinCookieUsed()) > + || webappInfo == null) { // When using an empty mounpoint, ie using root as mounpoint. Beware: works only for 1 webapp! > Cookie autoLoginCookie = new Cookie(getAutoLoginCookieName(request), userLogin.getString("userLoginId")); > autoLoginCookie.setMaxAge(60 * 60 * 24 * 365); > autoLoginCookie.setDomain(EntityUtilProperties.getPropertyValue("url", "cookie.domain", delegator)); > - autoLoginCookie.setPath("/" + UtilHttp.getApplicationName(request).replaceAll("/","_")); > + autoLoginCookie.setPath("/" + applicationName.replaceAll("/","_")); > autoLoginCookie.setSecure(true); > autoLoginCookie.setHttpOnly(true); > response.addCookie(autoLoginCookie); > > Please try it and reuse OFBIZ-10635if it's OK with you > > Thanks > > Jacques > > Le 11/01/2019 à 05:16, Deepak Nigam a écrit : >> Thank you, Jacques, for looking into it. >> >> In my case, there is only one webapp with the empty mount point and I want >> to use the autoLogin cookie. But the code is written in such a way that in >> case of empty mount point 'webappInfo' object is coming null due to which >> autoLogin cookie is not getting created and added in the response object. >> UtilHttp.getApplicationName(request) method is returning the string 'root' >> and ComponentConfig.getWebappInfo((String) >> context.getAttribute("_serverId"), UtilHttp.getApplicationName(request)) is >> trying to find the webapp using the mountpoint 'root' and hence unable to >> find it. >> >> Please refer the below code for more information: >> >> ======================================================================================================================== >> >> // Set an autologin cookie for the webapp if it requests it >> public static String autoLoginSet(HttpServletRequest request, >> HttpServletResponse response) { >> Delegator delegator = (Delegator) request.getAttribute("delegator"); >> HttpSession session = request.getSession(); >> GenericValue userLogin = (GenericValue) session.getAttribute("userLogin"); >> ServletContext context = request.getServletContext(); >> WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) >> context.getAttribute("_serverId"), >> UtilHttp.getApplicationName(request)); >> >> if (userLogin != null && webappInfo != null && >> webappInfo.isAutologinCookieUsed()) { >> Cookie autoLoginCookie = new >> Cookie(getAutoLoginCookieName(request), >> userLogin.getString("userLoginId")); >> autoLoginCookie.setMaxAge(60 * 60 * 24 * 365); >> autoLoginCookie.setDomain(EntityUtilProperties.getPropertyValue("url", >> "cookie.domain", delegator)); >> autoLoginCookie.setPath("/" + >> UtilHttp.getApplicationName(request).replaceAll("/","_")); >> autoLoginCookie.setSecure(true); >> autoLoginCookie.setHttpOnly(true); >> response.addCookie(autoLoginCookie); >> return autoLoginCheck(delegator, session, >> userLogin.getString("userLoginId")); >> } else { >> return "success"; >> } >> } >> >> ====================================================================================================== >> >> public static WebappInfo getWebappInfo(String serverName, String webAppName) { >> WebappInfo webappInfo = null; >> List<WebappInfo> webappsInfo = getAppBarWebInfos(serverName); >> for(WebappInfo currApp : webappsInfo) { >> String currWebAppName = currApp.getMountPoint().replace("/", >> "").replace("*", ""); >> if (webAppName.equals(currWebAppName)) { >> webappInfo = currApp; >> break; >> } >> } >> return webappInfo; >> } >> >> ========================================================================================================================= >> >> >> On Thu, Jan 10, 2019 at 7:31 PM Jacques Le Roux < >> [hidden email]> wrote: >> >>> Hi Deepak, >>> >>> It's not a problem if we create an autologin cookie even if it's not used, >>> just unclean. >>> So in this case we could force the same cookie values but the name and >>> path to "root". >>> >>> But what happens if we have several empty mountpoints, is that a problem? >>> I guess if we deploy on root there is only 1 webapp? >>> >>> It would be good to reuse OFBIZ-10635 to keep the information there, >>> thanks. >>> >>> HTH >>> >>> Jacques >>> >>> Le 10/01/2019 à 09:26, Deepak Nigam a écrit : >>>> Hello all, >>>> >>>> In the method to set the autoLogin cookie, LoginWorker.autoLoginSet(), >>>> system fetches the webAppInfo by using the >>>> method ComponentConfig.getWebappInfo(). In this method, serverId and >>>> applicationName are passed as the arguments. >>>> >>>> *WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) >>>> context.getAttribute("_serverId"), >>> UtilHttp.getApplicationName(request));* >>>> If the mount-point of the web app is set as an empty string, then 'root' >>>> will be used as the application name, due to which the object webAppInfo >>>> will come null. If the webAppInfo is null then the autoLogin cookie will >>>> not be created and added to the response object by the system. >>>> >>>> Suggestions are welcomed to handle this scenario. >>>> >>>> >>>> Thanks & Regards >>>> -- >>>> Deepak Nigam >>>> HotWax Systems Pvt. Ltd >>>> > |
Re: Unable to set the autoLogin Cookie when mount-point is set as an empty string
|
Administrator
|
Actually forget it, I needed that in a 1st attempt.
With the patch below it's almost OK OOTB, unrelated to this issue: OFBIZ-10789 "Webpos key buttons don't show when using an empty or having a slash inside mountpoint name" So using an empty mountpoint name is OK as long as you don't use the webpos Jacques Le 11/01/2019 à 15:49, Jacques Le Roux a écrit : > Forgot to say, for that to work OOTB you need to set > > stats.persist.visit=ftrue > stats.persist.visitor=ftrue > > Le 11/01/2019 à 11:48, Jacques Le Roux a écrit : >> Hi Deepak, >> >> This works: >> >> Index: framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java >> =================================================================== >> --- framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java (révision 1851027) >> +++ framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java (copie de travail) >> @@ -923,13 +923,16 @@ >> HttpSession session = request.getSession(); >> GenericValue userLogin = (GenericValue) session.getAttribute("userLogin"); >> ServletContext context = request.getServletContext(); >> - WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) context.getAttribute("_serverId"), UtilHttp.getApplicationName(request)); >> + String applicationName = UtilHttp.getApplicationName(request); >> + WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) context.getAttribute("_serverId"), applicationName); >> >> - if (userLogin != null && webappInfo != null && webappInfo.isAutologinCookieUsed()) { >> + if (userLogin != null && >> + (webappInfo != null && webappInfo.isAutologinCookieUsed()) >> + || webappInfo == null) { // When using an empty mounpoint, ie using root as mounpoint. Beware: works only for 1 webapp! >> Cookie autoLoginCookie = new Cookie(getAutoLoginCookieName(request), userLogin.getString("userLoginId")); >> autoLoginCookie.setMaxAge(60 * 60 * 24 * 365); >> autoLoginCookie.setDomain(EntityUtilProperties.getPropertyValue("url", "cookie.domain", delegator)); >> - autoLoginCookie.setPath("/" + UtilHttp.getApplicationName(request).replaceAll("/","_")); >> + autoLoginCookie.setPath("/" + applicationName.replaceAll("/","_")); >> autoLoginCookie.setSecure(true); >> autoLoginCookie.setHttpOnly(true); >> response.addCookie(autoLoginCookie); >> >> Please try it and reuse OFBIZ-10635if it's OK with you >> >> Thanks >> >> Jacques >> >> Le 11/01/2019 à 05:16, Deepak Nigam a écrit : >>> Thank you, Jacques, for looking into it. >>> >>> In my case, there is only one webapp with the empty mount point and I want >>> to use the autoLogin cookie. But the code is written in such a way that in >>> case of empty mount point 'webappInfo' object is coming null due to which >>> autoLogin cookie is not getting created and added in the response object. >>> UtilHttp.getApplicationName(request) method is returning the string 'root' >>> and ComponentConfig.getWebappInfo((String) >>> context.getAttribute("_serverId"), UtilHttp.getApplicationName(request)) is >>> trying to find the webapp using the mountpoint 'root' and hence unable to >>> find it. >>> >>> Please refer the below code for more information: >>> >>> ======================================================================================================================== >>> >>> // Set an autologin cookie for the webapp if it requests it >>> public static String autoLoginSet(HttpServletRequest request, >>> HttpServletResponse response) { >>> Delegator delegator = (Delegator) request.getAttribute("delegator"); >>> HttpSession session = request.getSession(); >>> GenericValue userLogin = (GenericValue) session.getAttribute("userLogin"); >>> ServletContext context = request.getServletContext(); >>> WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) >>> context.getAttribute("_serverId"), >>> UtilHttp.getApplicationName(request)); >>> >>> if (userLogin != null && webappInfo != null && >>> webappInfo.isAutologinCookieUsed()) { >>> Cookie autoLoginCookie = new >>> Cookie(getAutoLoginCookieName(request), >>> userLogin.getString("userLoginId")); >>> autoLoginCookie.setMaxAge(60 * 60 * 24 * 365); >>> autoLoginCookie.setDomain(EntityUtilProperties.getPropertyValue("url", >>> "cookie.domain", delegator)); >>> autoLoginCookie.setPath("/" + >>> UtilHttp.getApplicationName(request).replaceAll("/","_")); >>> autoLoginCookie.setSecure(true); >>> autoLoginCookie.setHttpOnly(true); >>> response.addCookie(autoLoginCookie); >>> return autoLoginCheck(delegator, session, >>> userLogin.getString("userLoginId")); >>> } else { >>> return "success"; >>> } >>> } >>> >>> ====================================================================================================== >>> >>> public static WebappInfo getWebappInfo(String serverName, String webAppName) { >>> WebappInfo webappInfo = null; >>> List<WebappInfo> webappsInfo = getAppBarWebInfos(serverName); >>> for(WebappInfo currApp : webappsInfo) { >>> String currWebAppName = currApp.getMountPoint().replace("/", >>> "").replace("*", ""); >>> if (webAppName.equals(currWebAppName)) { >>> webappInfo = currApp; >>> break; >>> } >>> } >>> return webappInfo; >>> } >>> >>> ========================================================================================================================= >>> >>> >>> On Thu, Jan 10, 2019 at 7:31 PM Jacques Le Roux < >>> [hidden email]> wrote: >>> >>>> Hi Deepak, >>>> >>>> It's not a problem if we create an autologin cookie even if it's not used, >>>> just unclean. >>>> So in this case we could force the same cookie values but the name and >>>> path to "root". >>>> >>>> But what happens if we have several empty mountpoints, is that a problem? >>>> I guess if we deploy on root there is only 1 webapp? >>>> >>>> It would be good to reuse OFBIZ-10635 to keep the information there, >>>> thanks. >>>> >>>> HTH >>>> >>>> Jacques >>>> >>>> Le 10/01/2019 à 09:26, Deepak Nigam a écrit : >>>>> Hello all, >>>>> >>>>> In the method to set the autoLogin cookie, LoginWorker.autoLoginSet(), >>>>> system fetches the webAppInfo by using the >>>>> method ComponentConfig.getWebappInfo(). In this method, serverId and >>>>> applicationName are passed as the arguments. >>>>> >>>>> *WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) >>>>> context.getAttribute("_serverId"), >>>> UtilHttp.getApplicationName(request));* >>>>> If the mount-point of the web app is set as an empty string, then 'root' >>>>> will be used as the application name, due to which the object webAppInfo >>>>> will come null. If the webAppInfo is null then the autoLogin cookie will >>>>> not be created and added to the response object by the system. >>>>> >>>>> Suggestions are welcomed to handle this scenario. >>>>> >>>>> >>>>> Thanks & Regards >>>>> -- >>>>> Deepak Nigam >>>>> HotWax Systems Pvt. Ltd >>>>> >> > |
Re: Unable to set the autoLogin Cookie when mount-point is set as an empty string
|
Administrator
|
In reply to this post by Jacques Le Roux
Fixed with OFBIZ-10635
Mathieu, I fear you will have to update your patch, let's see... Jacques Le 11/01/2019 à 11:48, Jacques Le Roux a écrit : > Hi Deepak, > > This works: > > Index: framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java > =================================================================== > --- framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java (révision 1851027) > +++ framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java (copie de travail) > @@ -923,13 +923,16 @@ > HttpSession session = request.getSession(); > GenericValue userLogin = (GenericValue) session.getAttribute("userLogin"); > ServletContext context = request.getServletContext(); > - WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) context.getAttribute("_serverId"), UtilHttp.getApplicationName(request)); > + String applicationName = UtilHttp.getApplicationName(request); > + WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) context.getAttribute("_serverId"), applicationName); > > - if (userLogin != null && webappInfo != null && webappInfo.isAutologinCookieUsed()) { > + if (userLogin != null && > + (webappInfo != null && webappInfo.isAutologinCookieUsed()) > + || webappInfo == null) { // When using an empty mounpoint, ie using root as mounpoint. Beware: works only for 1 webapp! > Cookie autoLoginCookie = new Cookie(getAutoLoginCookieName(request), userLogin.getString("userLoginId")); > autoLoginCookie.setMaxAge(60 * 60 * 24 * 365); > autoLoginCookie.setDomain(EntityUtilProperties.getPropertyValue("url", "cookie.domain", delegator)); > - autoLoginCookie.setPath("/" + UtilHttp.getApplicationName(request).replaceAll("/","_")); > + autoLoginCookie.setPath("/" + applicationName.replaceAll("/","_")); > autoLoginCookie.setSecure(true); > autoLoginCookie.setHttpOnly(true); > response.addCookie(autoLoginCookie); > > Please try it and reuse OFBIZ-10635if it's OK with you > > Thanks > > Jacques > > Le 11/01/2019 à 05:16, Deepak Nigam a écrit : >> Thank you, Jacques, for looking into it. >> >> In my case, there is only one webapp with the empty mount point and I want >> to use the autoLogin cookie. But the code is written in such a way that in >> case of empty mount point 'webappInfo' object is coming null due to which >> autoLogin cookie is not getting created and added in the response object. >> UtilHttp.getApplicationName(request) method is returning the string 'root' >> and ComponentConfig.getWebappInfo((String) >> context.getAttribute("_serverId"), UtilHttp.getApplicationName(request)) is >> trying to find the webapp using the mountpoint 'root' and hence unable to >> find it. >> >> Please refer the below code for more information: >> >> ======================================================================================================================== >> >> // Set an autologin cookie for the webapp if it requests it >> public static String autoLoginSet(HttpServletRequest request, >> HttpServletResponse response) { >> Delegator delegator = (Delegator) request.getAttribute("delegator"); >> HttpSession session = request.getSession(); >> GenericValue userLogin = (GenericValue) session.getAttribute("userLogin"); >> ServletContext context = request.getServletContext(); >> WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) >> context.getAttribute("_serverId"), >> UtilHttp.getApplicationName(request)); >> >> if (userLogin != null && webappInfo != null && >> webappInfo.isAutologinCookieUsed()) { >> Cookie autoLoginCookie = new >> Cookie(getAutoLoginCookieName(request), >> userLogin.getString("userLoginId")); >> autoLoginCookie.setMaxAge(60 * 60 * 24 * 365); >> autoLoginCookie.setDomain(EntityUtilProperties.getPropertyValue("url", >> "cookie.domain", delegator)); >> autoLoginCookie.setPath("/" + >> UtilHttp.getApplicationName(request).replaceAll("/","_")); >> autoLoginCookie.setSecure(true); >> autoLoginCookie.setHttpOnly(true); >> response.addCookie(autoLoginCookie); >> return autoLoginCheck(delegator, session, >> userLogin.getString("userLoginId")); >> } else { >> return "success"; >> } >> } >> >> ====================================================================================================== >> >> public static WebappInfo getWebappInfo(String serverName, String webAppName) { >> WebappInfo webappInfo = null; >> List<WebappInfo> webappsInfo = getAppBarWebInfos(serverName); >> for(WebappInfo currApp : webappsInfo) { >> String currWebAppName = currApp.getMountPoint().replace("/", >> "").replace("*", ""); >> if (webAppName.equals(currWebAppName)) { >> webappInfo = currApp; >> break; >> } >> } >> return webappInfo; >> } >> >> ========================================================================================================================= >> >> >> On Thu, Jan 10, 2019 at 7:31 PM Jacques Le Roux < >> [hidden email]> wrote: >> >>> Hi Deepak, >>> >>> It's not a problem if we create an autologin cookie even if it's not used, >>> just unclean. >>> So in this case we could force the same cookie values but the name and >>> path to "root". >>> >>> But what happens if we have several empty mountpoints, is that a problem? >>> I guess if we deploy on root there is only 1 webapp? >>> >>> It would be good to reuse OFBIZ-10635 to keep the information there, >>> thanks. >>> >>> HTH >>> >>> Jacques >>> >>> Le 10/01/2019 à 09:26, Deepak Nigam a écrit : >>>> Hello all, >>>> >>>> In the method to set the autoLogin cookie, LoginWorker.autoLoginSet(), >>>> system fetches the webAppInfo by using the >>>> method ComponentConfig.getWebappInfo(). In this method, serverId and >>>> applicationName are passed as the arguments. >>>> >>>> *WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) >>>> context.getAttribute("_serverId"), >>> UtilHttp.getApplicationName(request));* >>>> If the mount-point of the web app is set as an empty string, then 'root' >>>> will be used as the application name, due to which the object webAppInfo >>>> will come null. If the webAppInfo is null then the autoLogin cookie will >>>> not be created and added to the response object by the system. >>>> >>>> Suggestions are welcomed to handle this scenario. >>>> >>>> >>>> Thanks & Regards >>>> -- >>>> Deepak Nigam >>>> HotWax Systems Pvt. Ltd >>>> > |
«
Return to OFBiz - Dev
|
1 view|%1 views
| Free forum by Nabble | Edit this page |