[ofbiz-framework] branch trunk updated: Improved: Display last-visited-time popup after login (OFBIZ-12148)

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[ofbiz-framework] branch trunk updated: Improved: Display last-visited-time popup after login (OFBIZ-12148)

jleroux@apache.org
This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git


The following commit(s) were added to refs/heads/trunk by this push:
     new 78dd625  Improved: Display last-visited-time popup after login (OFBIZ-12148)
78dd625 is described below

commit 78dd625bbe2689ce275fc3b4a03673296e105d9a
Author: Jacques Le Roux <[hidden email]>
AuthorDate: Mon Feb 22 11:15:28 2021 +0100

    Improved: Display last-visited-time popup after login (OFBIZ-12148)
   
    Makes afterlogin.lastvisit.show to false by default and document that in the
    security documentation, ie in
    https://cwiki.apache.org/confluence/display/OFBIZ/How+to+secure+your+deployment
   
    Else when working in dev mode you always have to remove or wait the message to
    remove itself
   
    Fixes wrong wiki links in sy-password-and-JWT.adoc
---
 framework/security/config/security.properties           |  2 +-
 .../src/docs/asciidoc/_include/sy-password-and-JWT.adoc |  4 ++--
 .../java/org/apache/ofbiz/webapp/AfterLoginEvents.java  | 17 +++++++++--------
 3 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/framework/security/config/security.properties b/framework/security/config/security.properties
index 2981e11..e37ba2c 100644
--- a/framework/security/config/security.properties
+++ b/framework/security/config/security.properties
@@ -231,7 +231,7 @@ allowAllUploads=
 
 #-- Popup last-visited time from database after user has logged in.
 #-- So users can know of any unauthorised access to their accounts.
-#-- Default is true.
+#-- Default is false.
 afterlogin.lastvisit.show=
 
 #-- uri used for login (cf jira OFBIZ-12047)
diff --git a/framework/security/src/docs/asciidoc/_include/sy-password-and-JWT.adoc b/framework/security/src/docs/asciidoc/_include/sy-password-and-JWT.adoc
index 62770ec..b4812e4 100644
--- a/framework/security/src/docs/asciidoc/_include/sy-password-and-JWT.adoc
+++ b/framework/security/src/docs/asciidoc/_include/sy-password-and-JWT.adoc
@@ -33,8 +33,8 @@ endif::[]
 Demo and seed passwords are stored in files loaded through security ofbiz-component.xml. To know more about that be sure to read:
 
 
-* https://cwiki.apache.org/confluence/display/OFBIZ/Apache+OFBiz+Technical+Production+Setup+Guidehttp://url[The technical production setup guide] notably "Initial Data Loading" and "Security Settings" sections
-* https://cwiki.apache.org/confluence/display/OFBIZ/How+to+secure+your+deploymenthttp://url[How to secure your deployment]
+* https://cwiki.apache.org/confluence/display/OFBIZ/Apache+OFBiz+Technical+Production+Setup+Guide[The technical production setup guide] notably "Initial Data Loading" and "Security Settings" sections
+* https://cwiki.apache.org/confluence/display/OFBIZ/How+to+secure+your+deployment[How to secure your deployment]
 
 [CAUTION]
 These configuration steps are not to be neglected for the security of a *production environment*
diff --git a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/AfterLoginEvents.java b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/AfterLoginEvents.java
index 7744126..878d1f5 100644
--- a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/AfterLoginEvents.java
+++ b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/AfterLoginEvents.java
@@ -18,6 +18,14 @@
  *******************************************************************************/
 package org.apache.ofbiz.webapp;
 
+import java.sql.Timestamp;
+import java.text.SimpleDateFormat;
+import java.util.Locale;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
 import org.apache.ofbiz.base.util.Debug;
 import org.apache.ofbiz.base.util.UtilHttp;
 import org.apache.ofbiz.base.util.UtilProperties;
@@ -28,13 +36,6 @@ import org.apache.ofbiz.entity.GenericValue;
 import org.apache.ofbiz.entity.util.EntityListIterator;
 import org.apache.ofbiz.entity.util.EntityQuery;
 
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-import java.sql.Timestamp;
-import java.text.SimpleDateFormat;
-import java.util.Locale;
-
 public class AfterLoginEvents {
 
     private static final String MODULE = AfterLoginEvents.class.getName();
@@ -52,7 +53,7 @@ public class AfterLoginEvents {
 
     public static String showLastVisit(HttpServletRequest request, HttpServletResponse response) {
 
-        boolean show = UtilProperties.getPropertyAsBoolean("security", "afterlogin.lastvisit.show", true);
+        boolean show = UtilProperties.getPropertyAsBoolean("security", "afterlogin.lastvisit.show", false);
         if (!show) {
             return "success";
         }