Author: jleroux
Date: Mon Jan 14 13:54:32 2019
New Revision: 1851248
URL:
http://svn.apache.org/viewvc?rev=1851248&view=revLog:
"Applied fix from trunk for revision: 1851247"
------------------------------------------------------------------------
r1851247 | jleroux | 2019-01-14 14:53:18 +0100 (lun. 14 janv. 2019) | 13 lignes
Fixed: User's name is displayed on ecommerce even after user logs out
(OFBIZ-10666)
On further investigation, I found that cookie path and domain are different
in the methods of creating the auto-login cookie i.e. LoginWorker.autoLoginSet()
and removing the auto-login cookie i.e. LoginWorker.autoLoginRemove().
After following changes the issue seems to be fixed:
1. Removed getMaxAge() check from the condition used in
LoginWorker.getAutoUserLoginId() method.
2. Corrected the path and domain in the method LoginWorker.autoLoginRemove().
Thanks: Deepak Nigam for discussion and fix
------------------------------------------------------------------------
Modified:
ofbiz/ofbiz-framework/branches/release18.12/ (props changed)
ofbiz/ofbiz-framework/branches/release18.12/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java
Propchange: ofbiz/ofbiz-framework/branches/release18.12/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Jan 14 13:54:32 2019
@@ -10,4 +10,4 @@
/ofbiz/branches/json-integration-refactoring:1634077-1635900
/ofbiz/branches/multitenant20100310:921280-927264
/ofbiz/branches/release13.07:1547657
-/ofbiz/ofbiz-framework/trunk:1850015,1850023,1850530,1850647,1850685,1850694,1850711,1850914,1850918,1850921,1850948,1850953,1851006,1851013,1851068,1851074,1851130,1851158,1851200,1851224
+/ofbiz/ofbiz-framework/trunk:1850015,1850023,1850530,1850647,1850685,1850694,1850711,1850914,1850918,1850921,1850948,1850953,1851006,1851013,1851068,1851074,1851130,1851158,1851200,1851224,1851247
Modified: ofbiz/ofbiz-framework/branches/release18.12/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java
URL:
http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/branches/release18.12/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java?rev=1851248&r1=1851247&r2=1851248&view=diff==============================================================================
--- ofbiz/ofbiz-framework/branches/release18.12/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java (original)
+++ ofbiz/ofbiz-framework/branches/release18.12/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java Mon Jan 14 13:54:32 2019
@@ -975,8 +975,7 @@ public class LoginWorker {
}
if (cookies != null) {
for (Cookie cookie: cookies) {
- if (cookie.getName().equals(getAutoLoginCookieName(request))
- && cookie.getMaxAge() > 0) {
+ if (cookie.getName().equals(getAutoLoginCookieName(request))) {
autoUserLoginId = cookie.getValue();
break;
}
@@ -1052,9 +1051,11 @@ public class LoginWorker {
// remove the cookie
if (userLogin != null) {
+ Delegator delegator = (Delegator) request.getAttribute("delegator");
Cookie autoLoginCookie = new Cookie(getAutoLoginCookieName(request), userLogin.getString("userLoginId"));
autoLoginCookie.setMaxAge(0);
- autoLoginCookie.setPath("/");
+ autoLoginCookie.setDomain(EntityUtilProperties.getPropertyValue("url", "cookie.domain", delegator));
+ autoLoginCookie.setPath("/" + UtilHttp.getApplicationName(request));
response.addCookie(autoLoginCookie);
}
// remove the session attributes
Locked
