Author: jleroux
Date: Fri Dec 7 13:14:48 2018
New Revision: 1848398
URL:
http://svn.apache.org/viewvc?rev=1848398&view=revLog:
Fixed: User's name is displayed on ecommerce even after user logs out
(OFBIZ-10666)
Steps to regenerate:
Open URL:
https://demo-trunk.ofbiz.apache.org/ecommerce/control/main.
Welcome is displayed and user's name is not displayed when URL is opened.
Login at ecommerce, username will be displayed after user logs in.
Logout of ecommerce by clicking on logout. User will be logged out and login
link will be displayed in place of logout link, but the name of user is still
displayed.
Actual: Username is still displayed after user logs out
Expected: Username should not be displayed after the user logs out
Note: Similar issue also exists when the user clicks on (Not You?) link.
Thanks: Arpit Mor for detailled report, Deepak Dixit for discussion
Modified:
ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java
ofbiz/ofbiz-plugins/trunk/ecommerce/webapp/ecommerce/WEB-INF/controller.xml
Modified: ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java
URL:
http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java?rev=1848398&r1=1848397&r2=1848398&view=diff==============================================================================
--- ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java (original)
+++ ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java Fri Dec 7 13:14:48 2018
@@ -791,7 +791,10 @@ public class LoginWorker {
createSecuredLoginIdCookie(request, response);
// make sure the autoUserLogin is set to the same and that the client cookie has the correct userLoginId
- return autoLoginSet(request, response);
+ autoLoginSet(request, response);
+
+ return autoLoginCheck(request, response);
+
}
public static void doBasicLogin(GenericValue userLogin, HttpServletRequest request) {
@@ -968,7 +971,8 @@ public class LoginWorker {
}
if (cookies != null) {
for (Cookie cookie: cookies) {
- if (cookie.getName().equals(getAutoLoginCookieName(request))) {
+ if (cookie.getName().equals(getAutoLoginCookieName(request))
+ && cookie.getMaxAge() > 0) {
autoUserLoginId = cookie.getValue();
break;
}
Modified: ofbiz/ofbiz-plugins/trunk/ecommerce/webapp/ecommerce/WEB-INF/controller.xml
URL:
http://svn.apache.org/viewvc/ofbiz/ofbiz-plugins/trunk/ecommerce/webapp/ecommerce/WEB-INF/controller.xml?rev=1848398&r1=1848397&r2=1848398&view=diff==============================================================================
--- ofbiz/ofbiz-plugins/trunk/ecommerce/webapp/ecommerce/WEB-INF/controller.xml (original)
+++ ofbiz/ofbiz-plugins/trunk/ecommerce/webapp/ecommerce/WEB-INF/controller.xml Fri Dec 7 13:14:48 2018
@@ -54,6 +54,7 @@ under the License.
<event name="checkTrackingCodeUrlParam" type="java" path="org.apache.ofbiz.marketing.tracking.TrackingCodeEvents" invoke="checkTrackingCodeUrlParam"/>
<event name="checkPartnerTrackingCodeUrlParam" type="java" path="org.apache.ofbiz.marketing.tracking.TrackingCodeEvents" invoke="checkPartnerTrackingCodeUrlParam"/>
<event name="keepCartUpdated" type="java" path="org.apache.ofbiz.order.shoppingcart.ShoppingCartEvents" invoke="keepCartUpdated"/>
+ <event name="autoLoginCheck" type="java" path="org.apache.ofbiz.webapp.control.LoginWorker" invoke="autoLoginCheck"/>
</preprocessor>
<!-- Events to run on every request after all other processing (chains exempt) -->
@@ -93,7 +94,7 @@ under the License.
</request-map>
<request-map uri="logout">
<security https="true" auth="true"/>
- <event type="java" path="org.apache.ofbiz.webapp.control.LoginWorker" invoke="logout"/>
+ <event type="java" path="org.apache.ofbiz.webapp.control.LoginWorker" invoke="autoLoginRemove"/>
<response name="success" type="request-redirect-noparam" value="main"/>
<response name="error" type="view" value="main"/>
</request-map>
Locked
