Re: [jira] [Commented] (OFBIZ-5019) Multitenant delegator assignment not working correctly

Sat, 19 Jan 2013 13:23:50 -0800 

Please Carsten keep your comments in the Jira. Else it will be hell...

Jacques

c.schin...@gmail.com wrote:
> Nope. See my questions ...
> Gesendet mit BlackBerry® Webmail von Telekom Deutschland
> 
> -----Original Message-----
> From: "Jacques Le Roux (JIRA)" <j...@apache.org>
> Date: Sat, 19 Jan 2013 20:46:12
> To: <dev@ofbiz.apache.org>
> Reply-To: dev@ofbiz.apache.org
> Subject: [jira] [Commented] (OFBIZ-5019) Multitenant delegator assignment
> not working  correctly
> 
> 
>    [
> https://issues.apache.org/jira/browse/OFBIZ-5019?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13558092#comment-13558092
> ]  
> 
> Jacques Le Roux commented on OFBIZ-5019:
> ----------------------------------------
> 
> Is the patch still up to date?
> 
>> Multitenant delegator assignment not working  correctly
>> -------------------------------------------------------
>> 
>>                 Key: OFBIZ-5019
>>                 URL: https://issues.apache.org/jira/browse/OFBIZ-5019
>>             Project: OFBiz
>>          Issue Type: Bug
>>          Components: ALL APPLICATIONS, framework
>>    Affects Versions: SVN trunk
>>         Environment: multitenantuse = "Y"
>> Tenant with no Domain setting or Tenant using different domain for backend 
>> applications
>>            Reporter: Carsten Schinzer
>>              Labels: authentication, context, multitenancy, security
>>         Attachments: 
>> OFBIZ-5019_Multitenant_delegator_assignment_not_working_correctly.patch
>> 
>>   Original Estimate: 168h
>>  Remaining Estimate: 168h
>> 
>> This issue arises when Multitenancy is in use. It arises only on backend 
>> applications (as typically the frontend store
>> applications will use a context variable defined in web.xml to determin the 
>> delegator to be used (ie. the database to use for
>> data lookups etc).  
>> The issue manifests as follows:
>> * the wrong data is read for standard backoffice displays (e.g. orders, 
>> accounts, etc.); it is the dataa from the default
>> datasource, not the tenant´s data source 
>> * in the backend apps certain functions require authentication (checked 
>> dynamically) and this will fail when the default
>> delegator is used since the tenant's user accounts will differ (if not in 
>> name then in password hashes) from the default
>> datasource -- this leads to authentication warnings all over the place  
>> * one will not be able to mainpulate data of course, either

Reply via email to