Author: jleroux
Date: Tue Feb 8 07:47:25 2011
New Revision: 1068283
URL:
http://svn.apache.org/viewvc?rev=1068283&view=revLog:
Fix "Ajax requests prevent externalLoginKey parameters from working correctly" (
https://issues.apache.org/jira/browse/OFBIZ-3862) - OFBIZ-3862
Scott reported: To clarify, the problem only occurs if the Ajax call results in a screen being rendered since it is the ScreenRenderer that causes a new key to be generated.
Bilgin suggested: I think a solution would be to skip generating of new external login key for Ajax requests.
Ajax requests can be identified by presence of 'X-Requested-With': 'XMLHttpRequest', http header. It is set by most of the Javascript libraries we use: prototype, jquery.
I coded it
Modified:
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java?rev=1068283&r1=1068282&r2=1068283&view=diff==============================================================================
--- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java (original)
+++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java Tue Feb 8 07:47:25 2011
@@ -129,7 +129,10 @@ public class LoginWorker {
synchronized (session) {
// if the session has a previous key in place, remove it from the master list
String sesExtKey = (String) session.getAttribute(EXTERNAL_LOGIN_KEY_ATTR);
+
if (sesExtKey != null) {
+ if (isAjax(request)) return sesExtKey;
+
externalLoginKeys.remove(sesExtKey);
}
@@ -1032,4 +1035,9 @@ public class LoginWorker {
}
return userLoginSessionMap;
}
+
+ public static boolean isAjax(HttpServletRequest request) {
+ return "XMLHttpRequest".equals(request.getHeader("X-Requested-With"));
+ }
+
}
Locked
