details: https://code.openbravo.com/erp/devel/pi/rev/94063c13f456 changeset: 30845:94063c13f456 user: Martin Taal <martin.taal <at> openbravo.com> date: Fri Dec 02 19:38:20 2016 +0100 summary: Fixes issue 34486: Support web/mobile service requests which do not create a http session but still supports login Create a dbsession record also for stateless webservice requests
diffstat: src/org/openbravo/authentication/AuthenticationManager.java | 16 +++++++----- 1 files changed, 9 insertions(+), 7 deletions(-) diffs (35 lines): diff -r 5c95279a6932 -r 94063c13f456 src/org/openbravo/authentication/AuthenticationManager.java --- a/src/org/openbravo/authentication/AuthenticationManager.java Fri Dec 02 15:38:14 2016 +0100 +++ b/src/org/openbravo/authentication/AuthenticationManager.java Fri Dec 02 19:38:20 2016 +0100 @@ -220,10 +220,7 @@ throws AuthenticationException { final String userId = doWebServiceAuthenticate(request); - String dbSessionId = null; - if (!AuthenticationManager.isStatelessRequest(request)) { - dbSessionId = setDBSession(request, userId, SUCCESS_SESSION_WEB_SERVICE, false); - } + String dbSessionId = setDBSession(request, userId, SUCCESS_SESSION_WEB_SERVICE, false); return webServicePostAuthenticate(userId, dbSessionId); } @@ -330,11 +327,16 @@ private String setDBSession(HttpServletRequest request, String userId, String successSessionType, boolean setSession) { - final VariablesSecureApp vars = new VariablesSecureApp(request, false); - String dbSessionId = vars.getSessionValue("#AD_SESSION_ID"); + + String dbSessionId = null; + VariablesSecureApp vars = null; + if (!AuthenticationManager.isStatelessRequest(request)) { + vars = new VariablesSecureApp(request, false); + dbSessionId = vars.getSessionValue("#AD_SESSION_ID"); + } if (StringUtils.isEmpty(dbSessionId)) { dbSessionId = createDBSession(request, username, userId, successSessionType); - if (setSession) { + if (setSession && vars != null) { vars.setSessionValue("#AD_SESSION_ID", dbSessionId); if (userId != null) { HttpSession session = request.getSession(false); ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Openbravo-commits mailing list Openbravo-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openbravo-commits