I commited http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ContextFilter.java?r1=1813679&r2=1813678&pathrev=1813679 which I guess forced (or allowed?) James Yong to use the javax.servlet.http.HttpServletRequest as type of "request" attribute of the userLogin service at http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/common/servicedef/services.xml?r1=1819133&r2=1819132&pathrev=1819133
Else it would (should?) have been
<attribute name="request" mode="IN" type="org.apache.catalina.connector.RequestFacade" optional="true"/>
Now I need to revert/remove the wrapper in ContextFilter which is useless and silly (my bad).
After a deeper investigation today (saturday 2019-03-24) the right solution is now attached as a patch
UPDATE: we had a discussion on this subject at https://markmail.org/message/4jwrnbhpapb4ncrd and Scott suggested to rather temporary use the <type-validate> child element of the <service> <attribute> element. Temporary because the definitive solution (w/o using <type-validate>) could be either to update to Tomcat 9 (preferred) or even downgrade to Tomcat 8. I guess nobody really want the later because only the trunk and not yet released R17.12 branch are concerned.
- depends upon
OFBIZ-10036 Update to Tomcat 9.0.x
- is blocked by
OFBIZ-10047 Tomcat SSO
- is depended upon by
OFBIZ-10307 Navigate from a domain to another with automated signed in authentication