[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15126759#comment-15126759 ] Jacques Le Roux commented on OFBIZ-6111: With OFBIZ-6867 I removed the forceManualJsessionid feature but that did not fix this issue. I have a version where it's fixed but there are other changes related with OFBIZ-6849 (HTTPS only) and it's not stable yet, so this will come later... > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Jacques Le Roux >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[
https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15103285#comment-15103285
]
Jacques Le Roux commented on OFBIZ-6111:
Thanks Arun, I got sidetracked for misc. reasons but I will soon continue on
this and the related email ("Performance over security, is that reasonable?") I
sent to the dev ML
> Strange Behaviour of the eCommerce Login Link
> -
>
> Key: OFBIZ-6111
> URL: https://issues.apache.org/jira/browse/OFBIZ-6111
> Project: OFBiz
> Issue Type: Bug
> Components: specialpurpose/ecommerce
>Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk
>Reporter: Forrest Rae
>Assignee: Jacques Le Roux
>Priority: Trivial
> Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch
>
>
> I've noticed some strange behaviour with the Login link in the eCommerce
> application. If you're visit the Login link from "main", you're redirected
> back to the Login view even after logging in:
> 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main
> 2) Click "Login" in the upper left
> 3) Login as "DemoCustomer" with a password of "ofbiz"
> 4) Notice that you're at a new URL, logged in, but the login form is redrawn.
> Compare this with how it's supposed to work:
> 1) Logout
> 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p
> 3) Click "Login" in the upper left
> 4) Login as "DemoCustomer" with a password of "ofbiz"
> 5) Notice that you're at a new URL, but the product page is redrawn correctly.
> It's just really strange behaviour, quite hard to track down, and I can't
> really find a root cause.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15076686#comment-15076686 ] Jacques Le Roux commented on OFBIZ-6111: I'm very glad you spotted that Scott. I also recently mentionned something about the forceManualJsessionid variable at https://issues.apache.org/jira/browse/OFBIZ-4645?focusedCommentId=15054232 and I agree it should be dropped. I'm also currently writing a somewhat related email to the dev ML, it's even more radical! > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[
https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15076677#comment-15076677
]
Scott Gray commented on OFBIZ-6111:
---
After a closer look this morning, it appears that the session is dropped
because it was created during an HTTPS request (logout) and is then passed to a
unsecure HTTP request in the URL. Tomcat uses the session for the unsecure
request but (correctly) it won't send it back as an unsecure session cookie.
IMO we shouldn't be passing a secure session ID to an unsecure request.
In RequestHandler.makeLink(HttpServletRequest, HttpServletResponse, String,
boolean, boolean, boolean) we have the following code:
{code}
// if this isn't a secure page, but we made a secure URL, make sure
we manually add the jsessionid since the response.encodeURL won't do that
if (!request.isSecure() && didFullSecure) {
forceManualJsessionid = true;
}
// if this is a secure page, but we made a standard URL, make sure
we manually add the jsessionid since the response.encodeURL won't do that
if (request.isSecure() && didFullStandard) {
forceManualJsessionid = true;
}
{code}
But I would argue that in both of the above cases, the reason that
response.encodeURL won't include the jsessionid is because it isn't safe to do
so from a security point of view. In both cases you've got the potential for
session hijacking because either a secure cookie id has been passed in plain
text or an unsecure session id will be used in place of a secure one. I think
we should remove the logic relating to the forceManualJsessionid variable.
> Strange Behaviour of the eCommerce Login Link
> -
>
> Key: OFBIZ-6111
> URL: https://issues.apache.org/jira/browse/OFBIZ-6111
> Project: OFBiz
> Issue Type: Bug
> Components: specialpurpose/ecommerce
>Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk
>Reporter: Forrest Rae
>Assignee: Arun Patidar
>Priority: Trivial
> Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch
>
>
> I've noticed some strange behaviour with the Login link in the eCommerce
> application. If you're visit the Login link from "main", you're redirected
> back to the Login view even after logging in:
> 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main
> 2) Click "Login" in the upper left
> 3) Login as "DemoCustomer" with a password of "ofbiz"
> 4) Notice that you're at a new URL, logged in, but the login form is redrawn.
> Compare this with how it's supposed to work:
> 1) Logout
> 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p
> 3) Click "Login" in the upper left
> 4) Login as "DemoCustomer" with a password of "ofbiz"
> 5) Notice that you're at a new URL, but the product page is redrawn correctly.
> It's just really strange behaviour, quite hard to track down, and I can't
> really find a root cause.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15076494#comment-15076494 ] Scott Gray commented on OFBIZ-6111: --- Looks like the issue is caused by a dropped session. A new session is created when the logout occurs and the user is redirected to the main page. Because the redirect switches the user from https to http, the JSESSIONID is included in the URL of the redirect and isn't set as a cookie (I'm not sure why). I think the session id inclusion in the URL is preventing the session id from being sent as a cookie in the subsequent response of the redirect. So after this point, when the user submits the add to cart form, there's no session id passed in the request via URL or by cookie and hence a new session is created. The "main" view was saved as the _SAVED_VIEW_NAME_ session attribute but that was lost when the additional session was created, so the request handler defaults back to the default view of "viewCart". Something like that anyway. It could possibly be a Tomcat bug given that any of the following would solve the problem: 1. Tomcat could set the session cookie during the redirect response 2. Tomcat could set the session cookie in the subsequent response Unless I'm missing something. > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15056123#comment-15056123 ] Jacques Le Roux commented on OFBIZ-6111: I believe the ecomseo is properly documented at OFBIZ-5312, of course a wiki page would be even better, feel free to create one :) > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15027000#comment-15027000 ] Jacques Le Roux commented on OFBIZ-6111: Actually because of the way I introduced ecomseo (due to Anil's reluctance, see OFBIZ-5312), ecomseo for now depends on (overrides) ecommerce. So it's a bit more complicated and that's why I suggested to make it prominent for the moment. Later we could decide on putting ecommerce to Attic. But Anil's argument about using contents must be considered. > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15026517#comment-15026517 ] Taher Alkhateeb commented on OFBIZ-6111: This bug was annoying me for a long time, and I know the bug is probably somewhere between controller.xml and web.xml. I started reviewing the differences between ecommerce and ecomseo and it branched out to many files to the process of elimination became a headache and I really like your suggestion Jacques Perhaps we can put it up to a vote in the community to do the following 1- remove ecommerce web app to attic 2- rename ecomseo to ecommerce 3- fix all the files and references inside the component accordingly That would be actually a more enjoyable job than digging through the code to find out what's blocking the session variables IMHO > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15026482#comment-15026482 ] Pierre Smits commented on OFBIZ-6111: - Having multiple options (ecommerce, ecomseo, ecomclone) in one component doesn't do the adoption much good, when the variations aren't properly documented. How could the potential adopter choose the most applicable one? Expecting to have the (potential) adopter to evaluate the code and base his decision on that is not favourable. I agree that ecomseo is an improvement over ecommerce. > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15026406#comment-15026406 ] Jacques Le Roux commented on OFBIZ-6111: A solution would be to deprecate the ecommerce web app and use the ecomseo as 1st reference (reverse priority betweent them, we could rename ecomold), but I'm not sure everybody would agree with that... > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14972707#comment-14972707 ] Taher Alkhateeb commented on OFBIZ-6111: Okay, here is what I did: # ./ant clean-all load-demo # ./ant start # go to http://localhost:8080/ecomseo # login as DemoCustomer with password ofbiz # logout # I'm taken back to the main page, no problem Now, again I made the same exact test but instead of http://localhost:8080/ecomseo/view/showcart I went to http://localhost:8080/ecommerce. Now, I confirm the bug happens, but it happens only once, and only in this exact sequence > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14972602#comment-14972602 ] Jacques Le Roux commented on OFBIZ-6111: OK, what's the status here? > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14943074#comment-14943074 ] Jacques Le Roux commented on OFBIZ-6111: Hi Taher, Thanks, 1st you do agree with me, right? The requests pass by an ASF proxy for security reasons. You may note that when you access the backend it's in HTTP mode. Actually when you get to http://demo-trunk-ofbiz.apache.org/catalog/control/main you are using https://ofbiz-vm.apache.org:8443/catalog/control/main which gets redirected by the proxy So we use patches for that there, see ofbizContrastSecurity\tools\demo-backup for all details. Note also that the R13.07 patch is a bit simpler because it uses the -Dportoffset feature. > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14943056#comment-14943056 ] Taher Alkhateeb commented on OFBIZ-6111: Hi Jacques, you said above that "the demos are not working the same way than an OOTB version". Can you specify what the exact difference is? This could help us in zooming in on the issue. What's different in the CI deployment configuration? > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14943011#comment-14943011 ] Jacques Le Roux commented on OFBIZ-6111: Hi Arun, any chances to confirm the behaviour locally? > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14903002#comment-14903002 ] Jacques Le Roux commented on OFBIZ-6111: It must be a redirection somewhere. Because the demos are not working the same way than an OOTB version which is the real reference in case of ambiguities > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14877472#comment-14877472 ] Jacques Le Roux commented on OFBIZ-6111: I can't reproduce either on trunk demo, but it still appears on a clean up-to-date local copy after an "ant clean-data load-demo start". Could you please double-check locally with same steps than above: # Login # Logout # Add a product from main page -> you get to the cart page though the check box "Always View Cart After Adding An Item" is not ticked. You should stay on main page. I agree it's weird ;) > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14877116#comment-14877116 ] Arun Patidar commented on OFBIZ-6111: - Hi [~jacques.le.roux] Sorry for the delay in response. Should I revert all changes from 13.07, 14.12 and trunk and need to rethink from scratch? Please advice. > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14650229#comment-14650229 ] Jacques Le Roux commented on OFBIZ-6111: Bump... > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14609664#comment-14609664 ] Jacques Le Roux commented on OFBIZ-6111: Yes please Michael, I even wonder if it should not be reverted and another reliable solution used... > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14609106#comment-14609106 ] Michael Brohl commented on OFBIZ-6111: -- Just stumbled over this issue while preparing the OFBiz news. Shouldn't this be reopened? > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14594703#comment-14594703 ] Jacques Le Roux commented on OFBIZ-6111: Sorry to say but the behaviour I mentionned it still there :/ This should be reverted > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Arun Patidar >Priority: Trivial > Attachments: OFBIZ-6111.patch, OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14375160#comment-14375160 ] Jacques Le Roux commented on OFBIZ-6111: Mmm, while working on this I stumbled upon another issue which seems to have been introduced since my last comment. Try the scenario I explained you should find the same. Too late now to get further... This one is not related to your patch, you can reproduce it easily on trunk demo, even on stable and old, which seems to mean that it was introduced recently and backported... > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Jacques Le Roux >Priority: Trivial > Attachments: OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (OFBIZ-6111) Strange Behaviour of the eCommerce Login Link
[ https://issues.apache.org/jira/browse/OFBIZ-6111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14372921#comment-14372921 ] Taher Alkhateeb commented on OFBIZ-6111: Hi Jacques, To save time, would you kindly specify if the test requires a full rebuild or do you just visit the website before / after the patch. In other words, do you do an ant clean-all load-demo and test first scenario followed by ant clean-all load-demo and then patch and test the second scenario? The reason I ask this is because I want to go through the process of elimination and not get on a wild goose chase. I am suspecting that the culprit here is the JSESSIONID cookie so your confirmation on the above would save me some time in hunting this bug. > Strange Behaviour of the eCommerce Login Link > - > > Key: OFBIZ-6111 > URL: https://issues.apache.org/jira/browse/OFBIZ-6111 > Project: OFBiz > Issue Type: Bug > Components: specialpurpose/ecommerce >Affects Versions: Release Branch 12.04, Release Branch 13.07, Trunk >Reporter: Forrest Rae >Assignee: Jacques Le Roux >Priority: Trivial > Attachments: OFBIZ-6111.patch > > > I've noticed some strange behaviour with the Login link in the eCommerce > application. If you're visit the Login link from "main", you're redirected > back to the Login view even after logging in: > 1) Visit http://demo-stable-ofbiz.apache.org/ecommerce/control/main > 2) Click "Login" in the upper left > 3) Login as "DemoCustomer" with a password of "ofbiz" > 4) Notice that you're at a new URL, logged in, but the login form is redrawn. > Compare this with how it's supposed to work: > 1) Logout > 2) Visit http://demo-stable-ofbiz.apache.org/ecommerce/tiny-gismo-GZ-1000-p > 3) Click "Login" in the upper left > 4) Login as "DemoCustomer" with a password of "ofbiz" > 5) Notice that you're at a new URL, but the product page is redrawn correctly. > It's just really strange behaviour, quite hard to track down, and I can't > really find a root cause. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
