Uploaded image for project: 'OFBiz'
  1. OFBiz
  2. OFBIZ-9240

Ecommerce login/logout don't work properly for trunk and stable and even old

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: Release Branch 14.12, Trunk, Release Branch 15.12, Release Branch 16.11
    • Fix Version/s: 16.11.04
    • Component/s: ecommerce
    • Labels:
      None

      Description

      Here are the tests I did and their results. I did not consider R14/15 because of OFBIZ-9235

      On demos before fixing OFBIZ-9206 and using ofbiz-vm2 direct access
      ecomseo trunk and stable (R16)
      1. Get to https://demo-trunk.ofbiz.apache.org/ecomseo/ or https://demo-stable.ofbiz.apache.org/ecomseo/
      2. login => main page logged in
      3. logout => main page, not logged in
      4. login => main page logged in
      5. Use the "Not you" link => 404
      6. Refresh (F5 key) get you to the main page, not logged in

      So it works almost correctly but you need a refresh (F5 key) for the "Not you" link, not sure why yet.
      It"s the same locally with OFBIZ-9206 fixed*, w/ or w/o portoffset

      ecommerce trunk and stable (R16)
      1. Get to https://ofbiz-vm2.apache.org:8443/ecommerce or https://ofbiz-vm2.apache.org:18443/ecommerce
      2. login => blank page (no 404 in access log)
      3. Refresh (F5 key) get you to the main page, logged in
      4. logout => blank page (no 404 in access log)
      5. Refresh (F5 key) get you to the main page, not logged in
      6. login => blank page (no 404 in access log)
      7. Refresh (F5 key) get you to the main page, logged in
      8. use the "Not you" link => blank page (no 404 in access log)
      9. Refresh (F5 key) get you to the main page, not logged in

      So it works almost correctly but you need a refresh (F5 key) between in the 3 cases, not sure why yet.
      It's the same locally with OFBIZ-9206 fixed, w/ or w/o portoffset

      Old (R13) on demo (no ecomseo before R14)
      1. Get to https://ofbiz-vm2.apache.org:28443/ecommerce
      2. login => you need to enter it twice => main page logged in
      3. logout => main page, not logged in
      4. login => main page logged in
      5. use the "Not you" link => main page, not logged in

      So it "works" but initially you need to enter the credential twice to login
      It's the same locally with OFBIZ-9206 "fixed" (I'm not yet sure about that, I need to test on demo), w/ or w/o portoffset

      1. OFBIZ-9240.patch
        1 kB
        Rohit Koushal

        Issue Links

          Activity

          Hide
          jacques.le.roux Jacques Le Roux added a comment -

          Hi Rohit,

          Well spotted for the somehow duplicated code in RequestHandler. I just tested the trunk and it works.

          I think I asked that already and was answered that it was normal, but I was just wondering if it's normal that we continue to see

          Welcome Demo Customer! (Not You? Click Here)

          after having correctly logged out (no Profile or alike acces possible w/o login again). It seems that's normal because of the "(Not You? Click Here) " part but could we not do better and simply show "Welcome" alike when we initially start?

          Ha just tested the same in R16. I works w/o the "Welcome" issue reported above for trunk. SO that seems a regression in trunk. We need to create another Jira for that

          Rohit, your patch is in trunk and R16 at r1805677. I did not take care of R13 (patch does not apply and no longer supported) and we know R14/15 are wrong with ecommerce/ecomseo

          Show
          jacques.le.roux Jacques Le Roux added a comment - Hi Rohit, Well spotted for the somehow duplicated code in RequestHandler. I just tested the trunk and it works. I think I asked that already and was answered that it was normal, but I was just wondering if it's normal that we continue to see Welcome Demo Customer! (Not You? Click Here) after having correctly logged out (no Profile or alike acces possible w/o login again). It seems that's normal because of the "(Not You? Click Here) " part but could we not do better and simply show "Welcome" alike when we initially start? Ha just tested the same in R16. I works w/o the "Welcome" issue reported above for trunk. SO that seems a regression in trunk. We need to create another Jira for that Rohit, your patch is in trunk and R16 at r1805677. I did not take care of R13 (patch does not apply and no longer supported) and we know R14/15 are wrong with ecommerce/ecomseo
          Hide
          jacques.le.roux Jacques Le Roux added a comment -

          Thanks Rohit and Jacopo,

          I'll have a look ASAP

          Show
          jacques.le.roux Jacques Le Roux added a comment - Thanks Rohit and Jacopo, I'll have a look ASAP
          Hide
          rohit.koushal Rohit Koushal added a comment -

          Hi Jacques Le Roux.

          I spent some time on this ticket and found, the sequencing order of ControlFilter and ContextFilter is causing this problem. I tried to swap the order in case ecommerce but changing the sequence will not work because other filters(like ContentUrlFilter, CatalogUrlFilter) depends on the context prepared by ContextFilter.

          The issue is like when we are doing chaining of request using request-redirect than one request attribute(FORWARDED_FROM_SERVLET) set to TRUE from ControlServlet. In case of ecommerce ContextFilter run before ControlFilter which copies all the attribute from parent request to redirect request and when execution reaches the ControlFilter for the redirect request than request will fail to hit the servlet due to the code present at line 126(ControlFilter.java).

          To fix this problem I removed the code which copies all the attribute from parent request to redirect request because this thing is already taken care in the RequestHandler.

          I am attaching the patch please review and let me know if you have any issue.

          Also here I would like to thanks Jacopo Cappellato for discussing the problem and finalizing the fix.

          Show
          rohit.koushal Rohit Koushal added a comment - Hi Jacques Le Roux . I spent some time on this ticket and found, the sequencing order of ControlFilter and ContextFilter is causing this problem. I tried to swap the order in case ecommerce but changing the sequence will not work because other filters(like ContentUrlFilter, CatalogUrlFilter) depends on the context prepared by ContextFilter. The issue is like when we are doing chaining of request using request-redirect than one request attribute( FORWARDED_FROM_SERVLET ) set to TRUE from ControlServlet. In case of ecommerce ContextFilter run before ControlFilter which copies all the attribute from parent request to redirect request and when execution reaches the ControlFilter for the redirect request than request will fail to hit the servlet due to the code present at line 126(ControlFilter.java). To fix this problem I removed the code which copies all the attribute from parent request to redirect request because this thing is already taken care in the RequestHandler. I am attaching the patch please review and let me know if you have any issue. Also here I would like to thanks Jacopo Cappellato for discussing the problem and finalizing the fix.
          Hide
          jacques.le.roux Jacques Le Roux added a comment -

          In the description I wrote

          It's the same locally with OFBIZ-9206 "fixed" (I'm not yet sure about that, I need to test on demo), w/ or w/o portoffset

          But I had to revert the change I tried to put for old (ports 28443 28080) and I decided to let it as is (ie using https://ofbiz-vm2.apache.org:28443/ecommerce) which at least "somehow" works (see above)

          Show
          jacques.le.roux Jacques Le Roux added a comment - In the description I wrote It's the same locally with OFBIZ-9206 "fixed" (I'm not yet sure about that, I need to test on demo), w/ or w/o portoffset But I had to revert the change I tried to put for old (ports 28443 28080) and I decided to let it as is (ie using https://ofbiz-vm2.apache.org:28443/ecommerce ) which at least "somehow" works (see above)

            People

            • Assignee:
              jacques.le.roux Jacques Le Roux
              Reporter:
              jacques.le.roux Jacques Le Roux
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development