[OpenbravoERP-commits] devel/pi: Fixes issue 34486: Support web/mobile service requests...

Fri, 02 Dec 2016 10:39:06 -0800 

details:   https://code.openbravo.com/erp/devel/pi/rev/94063c13f456
changeset: 30845:94063c13f456
user:      Martin Taal <martin.taal <at> openbravo.com>
date:      Fri Dec 02 19:38:20 2016 +0100
summary:   Fixes issue 34486: Support web/mobile service requests which do not 
create a http session but still supports login
Create a dbsession record also for stateless webservice requests

diffstat:

 src/org/openbravo/authentication/AuthenticationManager.java |  16 +++++++-----
 1 files changed, 9 insertions(+), 7 deletions(-)

diffs (35 lines):

diff -r 5c95279a6932 -r 94063c13f456 
src/org/openbravo/authentication/AuthenticationManager.java
--- a/src/org/openbravo/authentication/AuthenticationManager.java       Fri Dec 
02 15:38:14 2016 +0100
+++ b/src/org/openbravo/authentication/AuthenticationManager.java       Fri Dec 
02 19:38:20 2016 +0100
@@ -220,10 +220,7 @@
       throws AuthenticationException {
     final String userId = doWebServiceAuthenticate(request);
 
-    String dbSessionId = null;
-    if (!AuthenticationManager.isStatelessRequest(request)) {
-      dbSessionId = setDBSession(request, userId, SUCCESS_SESSION_WEB_SERVICE, 
false);
-    }
+    String dbSessionId = setDBSession(request, userId, 
SUCCESS_SESSION_WEB_SERVICE, false);
 
     return webServicePostAuthenticate(userId, dbSessionId);
   }
@@ -330,11 +327,16 @@
 
   private String setDBSession(HttpServletRequest request, String userId, 
String successSessionType,
       boolean setSession) {
-    final VariablesSecureApp vars = new VariablesSecureApp(request, false);
-    String dbSessionId = vars.getSessionValue("#AD_SESSION_ID");
+
+    String dbSessionId = null;
+    VariablesSecureApp vars = null;
+    if (!AuthenticationManager.isStatelessRequest(request)) {
+      vars = new VariablesSecureApp(request, false);
+      dbSessionId = vars.getSessionValue("#AD_SESSION_ID");
+    }
     if (StringUtils.isEmpty(dbSessionId)) {
       dbSessionId = createDBSession(request, username, userId, 
successSessionType);
-      if (setSession) {
+      if (setSession && vars != null) {
         vars.setSessionValue("#AD_SESSION_ID", dbSessionId);
         if (userId != null) {
           HttpSession session = request.getSession(false);

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Openbravo-commits mailing list
Openbravo-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openbravo-commits

Reply via email to