[jira] [Commented] (OFBIZ-6561) GenericDelegator.store fails to clear userLogin cache on password update from ecommerce profile

Wed, 22 Jul 2015 01:51:46 -0700 

    [ 
https://issues.apache.org/jira/browse/OFBIZ-6561?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14636524#comment-14636524
 ] 

Deepak Dixit commented on OFBIZ-6561:
-------------------------------------

While digging into this issue found that In ServiceDispatcher.checkAuth method 
system perform security check on context userLogin, and system try to compare 
the context userLogin.currentPassword with db userLogin and if password does 
not match then it remove the userLogin from context.
In this case system fetch the userLogin record from cache and it return the old 
password, hence compare password return false and it remove the userLogin from 
context. 

If we fetch the userLogin with cache false (ServiceDispatcher.java:897) then 
its working as expected. 

> GenericDelegator.store fails to clear userLogin cache on password update from 
> ecommerce profile
> -----------------------------------------------------------------------------------------------
>
>                 Key: OFBIZ-6561
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-6561
>             Project: OFBiz
>          Issue Type: Bug
>    Affects Versions: Release Branch 14.12, Trunk
>            Reporter: Deepak Dixit
>         Attachments: Screen Shot 2015-07-22 at 2.12.47 PM.png
>
>
> Here is the steps to regenerate issue:
> - Go to http://demo-trunk-ofbiz.apache.org/ecommerce/control/viewprofile
> - Login with DemoCustomer
> - Go to http://demo-trunk-ofbiz.apache.org/ecommerce/control/changepassword
> - Update password and click on save button
> Password successfully updated, while redirecting to profile page you will get 
> following error message:
> {quote}
> org.ofbiz.widget.renderer.ScreenRenderException: Error rendering screen 
> [component://ecommerce/widget/CustomerScreens.xml#viewprofile]: 
> java.lang.IllegalArgumentException: Error running script at location 
> [component://ecommerce/webapp/ecommerce/WEB-INF/actions/customer/ViewProfile.groovy]:
>  org.ofbiz.service.ExecutionServiceException: You must be logged in to 
> complete the [Get Summary Information About Orders for a Customer] process. 
> (Error running script at location 
> [component://ecommerce/webapp/ecommerce/WEB-INF/actions/customer/ViewProfile.groovy]:
>  org.ofbiz.service.ExecutionServiceException: You must be logged in to 
> complete the [Get Summary Information About Orders for a Customer] 
> process.){quote}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to