svn commit: r1851350 - /ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

svn commit: r1851350 - /ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java

jleroux@apache.org
Author: jleroux
Date: Tue Jan 15 13:48:33 2019
New Revision: 1851350

URL: http://svn.apache.org/viewvc?rev=1851350&view=rev
Log:
Fixed: Correct behaviour of Autologin cookies
(OFBIZ-10635)

As reported by Deepak Nigam on dev ML there was a risk of NPE with userLogin w/
my last commit at r1851074  

Thanks Deepak for the report and proposed fix

Modified:
    ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java

Modified: ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java
URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java?rev=1851350&r1=1851349&r2=1851350&view=diff
==============================================================================
--- ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java (original)
+++ ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java Tue Jan 15 13:48:33 2019
@@ -927,8 +927,8 @@ public class LoginWorker {
         WebappInfo webappInfo = ComponentConfig.getWebappInfo((String) context.getAttribute("_serverId"), applicationName);
                 
         if (userLogin != null &&
-                (webappInfo != null && webappInfo.isAutologinCookieUsed())
-                || webappInfo == null) { // When using an empty mounpoint, ie using root as mounpoint. Beware: works only for 1 webapp!
+                ((webappInfo != null && webappInfo.isAutologinCookieUsed())
+                || webappInfo == null)) { // When using an empty mountpoint, ie using root as mountpoint. Beware: works only for 1 webapp!
             Cookie autoLoginCookie = new Cookie(getAutoLoginCookieName(request), userLogin.getString("userLoginId"));
             autoLoginCookie.setMaxAge(60 * 60 * 24 * 365);
             autoLoginCookie.setDomain(EntityUtilProperties.getPropertyValue("url", "cookie.domain", delegator));