OFBiz OFBiz - Commits

svn commit: r1845497 - /ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ExternalLoginKeysManager.java

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
jleroux@apache.org
Reply | Threaded
Open this post in threaded view
|

svn commit: r1845497 - /ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ExternalLoginKeysManager.java

jleroux@apache.org
Author: jleroux
Date: Thu Nov  1 16:29:08 2018
New Revision: 1845497

URL: http://svn.apache.org/viewvc?rev=1845497&view=rev
Log:
Implemented: Navigate from a domain to another with automated signed in
authentication
(OFBIZ-10307)

While working on OFBIZ-10635 I spotted that at r1844880 I forgot to put a call
to LoginWorker::createSecuredLoginIdCookie in LoginWorker::checkExternalLoginKey
in the general case (when the user log in for the 1st time). This fixes it.
Also makes the comment makes sense.


Modified:
    ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ExternalLoginKeysManager.java

Modified: ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ExternalLoginKeysManager.java
URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ExternalLoginKeysManager.java?rev=1845497&r1=1845496&r2=1845497&view=diff
==============================================================================
--- ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ExternalLoginKeysManager.java (original)
+++ ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ExternalLoginKeysManager.java Thu Nov  1 16:29:08 2018
@@ -133,11 +133,10 @@ public class ExternalLoginKeysManager {
             GenericValue currentUserLogin = (GenericValue) session.getAttribute("userLogin");
             if (currentUserLogin != null) {
                 if (currentUserLogin.getString("userLoginId").equals(userLogin.getString("userLoginId"))) {
-                    // Create a secured cookie the client cookie with the correct userLoginId
-                    LoginWorker.createSecuredLoginIdCookie(request, response);
-                    
                     // same user, just make sure the autoUserLogin is set to the same and that the client cookie has the correct userLoginId
                     LoginWorker.autoLoginSet(request, response);
+                    // Same for the SecuredLoginId cookie
+                    LoginWorker.createSecuredLoginIdCookie(request, response);
                     return "success";
                 }
 
@@ -147,6 +146,10 @@ public class ExternalLoginKeysManager {
             }
 
             LoginWorker.doBasicLogin(userLogin, request);
+
+            // Create a secured cookie with the correct userLoginId
+            LoginWorker.createSecuredLoginIdCookie(request, response);
+
         } else {
             Debug.logWarning("Could not find userLogin for external login key: " + externalKey, module);
         }


Free forum by Nabble Edit this page