> Can You please tell me where and how to file the BUG report?
>
> On 10/20/05, David E. Jones <[hidden email]> wrote:
>
>>
>> Could you file a bug report for this?
>>
>> -David
>>
>>
>> On Oct 20, 2005, at 8:10 AM, Souvik Saha Bhowmik wrote:
>>
>>
>>> Hi
>>>
>>> I downloaded the new version yesterday...But it didn't solve my
>>> problem ..rather complicated it....I was not able to log in to my
>>> application through any user id and password that I created.. The  
>>> user
>>> ids were provided with sufficient security permissions....and the
>>> error message was "password incorrect". though I found out the
>>> password existed in the userLogin entity with the corrosponding
>>> userLoginId...
>>>
>>> Regarding the older version(5021) I found out the cause of my
>>> problem....I was using the logout event  of Ofbiz.....The logout
>>> eventually calls the LogoutWorker..which while logging out extracts
>>> the userLogin information from session and updates the userLogin
>>> entity with the hasLogged out field information.....And hence though
>>> the password was changed in the entity(UserLogin) it again got  
>>> updated
>>> with the older password.This is becuse the UserLogin information in
>>> session had the older password. This seems to be a bug because the
>>> entire information should not be updated and only the hasLoggedOut
>>> field should be updated. Otherwise no logged in user could change  
>>> his
>>> password. Precisely , he can change but it reverts back while  
>>> logging
>>> out. However I used the <befor logout> tag to invoke an event which
>>> updates the session with the new UserLogin information. the
>>> changePassword feature in my case was implemented using a service  
>>> and
>>> so I could not update the session with the new userLogin while
>>> changing password.....
>>>
>>> However I shall be obliged if you look into the behaviour of new  
>>> Ofbiz
>>>  that I noticed and get back to me......Its very urgent for Ofbiz
>>> users like us
>>> Thanx
>>> Souvik
>>>
>>> On 10/18/05, David E. Jones <[hidden email]> wrote:
>>>
>>>
>>>>
>>>> Based on this I couldn't really say what is going wrong. If you are
>>>> using an older version of OFBiz you might be running into a cache
>>>> problem, but I'm not aware of anything like this that is an
>>>> outstanding issue right now.
>>>>
>>>> If you can reproduce the problem in the current code base let me  
>>>> know
>>>> what you did to make it happen and I'll look into it...
>>>>
>>>> -David
>>>>
>>>>
>>>> On Oct 18, 2005, at 6:53 AM, Souvik Saha Bhowmik wrote:
>>>>
>>>>
>>>>
>>>>> Hi all,
>>>>> I have built an application using the Ofbiz framework and has made
>>>>> full use of the Security system..I am using the framework provided
>>>>> login and logout services
>>>>> In my application there is a customer side and an admin side....
>>>>> I have provided the customer with a feature to change password  
>>>>> after
>>>>> logging in. In that case I find that though the new password is
>>>>> updated in the Userlogin entity its not effecting the
>>>>> application...Whil;e trying to log in with his new password the
>>>>> customer is getting error of Incorrecvt password. But he is  
>>>>> able to
>>>>> log in with his old password. The strangest thing is that the
>>>>> Userlogin entity has the new password and not the old one......is
>>>>> the
>>>>> password also stored some where else....I have not used any
>>>>> encryption....
>>>>> there are more strange observations .......
>>>>> When the admin tries to change the customers password the  
>>>>> change is
>>>>> effected if the user is not logged in at that moment...Even if  
>>>>> he is
>>>>> logged in he the UserLo0gin entity gets updated with new password
>>>>> but
>>>>> it does not effect the customer's security settings. I mean later
>>>>> when
>>>>> the customer tries to log in with his new password he fails but is
>>>>> allowed the same with his old password.....
>>>>> But when an admin changes the password of a customer who in not
>>>>> logged
>>>>> in the change effects his security settings...The behaviour is as
>>>>> expected...He can log in with his new password and not the  
>>>>> old......
>>>>> If I provide the customer with a feature that he canchange his
>>>>> password without logging in( where he has to provide his  
>>>>> userloginId
>>>>> also) the behaviousr is as expected.....He can log in with his new
>>>>> password and not his old one......
>>>>>
>>>>> FYI I am using a minilang(simple) service to change the  
>>>>> password and
>>>>> update the UserLogin entity....It uses the "store" tag of minilang
>>>>>
>>>>> Can someone please explain this wierd behaviour and its
>>>>> remedy.....any
>>>>> suggerstion will be of gr8 help and I shall be highly obliged
>>>>>
>>>>> _______________________________________________
>>>>> Users mailing list
>>>>> [hidden email]
>>>>> http://lists.ofbiz.org/mailman/listinfo/users
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Users mailing list
>>>> [hidden email]
>>>> http://lists.ofbiz.org/mailman/listinfo/users
>>>>
>>>>
>>>>
>>>
>>> _______________________________________________
>>> Users mailing list
>>> [hidden email]
>>> http://lists.ofbiz.org/mailman/listinfo/users
>>>
>>>
>>
>>
>>
>>
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users
>