--- a/modules/org.openbravo.client.application/src/org/openbravo/client/application/navigationbarcomponents/UserInfoWidgetActionHandler.java Thu May 26 07:40:47 2016 +0200
+++ b/modules/org.openbravo.client.application/src/org/openbravo/client/application/navigationbarcomponents/UserInfoWidgetActionHandler.java Thu May 26 09:50:08 2016 +0200
@@ -473,6 +473,10 @@
toSaveStr(language.getLanguage()), (language.isRTLLanguage() ? "Y" : "N"),
toSaveStr(roleId), toSaveStr(clientId), toSaveStr(organizationId),
toSaveStr(warehouseId));
+
+ log4j.info("Session reset. Session Id: " + sessionID + " - user: " + sessionUser
+ + " - role: " + roleId + " - client: " + clientId + " - org: " + organizationId);
+
if (!result) {
throw new IllegalArgumentException("Error when saving default values");
}
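Review bot: The added `log4j.info("Session reset. ...")` runs before the `if (!result)` check, so a failed save is still recorded as a session reset with the requested role, client and org. That is misleading for anyone reading the log as an audit trail; move the statement below the `if (!result) { throw ... }` block, or append `+ " - saved: " + result` to the message. `sessionID`, `sessionUser` and the ids are defined outside the hunk; if any of them comes from the request without validation, strip CR/LF before concatenating it into the log line. The enclosing method starts and ends outside the hunk.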
--- a/src/org/openbravo/base/secureApp/HttpSecureAppServlet.java Thu May 26 07:40:47 2016 +0200
+++ b/src/org/openbravo/base/secureApp/HttpSecureAppServlet.java Thu May 26 09:50:08 2016 +0200
@@ -32,8 +32,6 @@
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
-import net.sf.jasperreports.engine.JRDataSource;
-
import org.codehaus.jettison.json.JSONObject;
import org.hibernate.criterion.Restrictions;
import org.openbravo.authentication.AuthenticationManager;
@@ -72,6 +70,8 @@
import org.openbravo.utils.Replace;
import org.openbravo.xmlEngine.XmlDocument;
+import net.sf.jasperreports.engine.JRDataSource;
+
public class HttpSecureAppServlet extends HttpBaseServlet {
private static final long serialVersionUID = 1L;
protected boolean boolHist = true;
@@ -270,7 +270,7 @@
strWarehouse = "";
} else {
RoleDefaults defaults = LoginUtils.getLoginDefaults(strUserAuth, variables.getRole(),
- this);
+ this, request);
strRole = defaults.role;
strClient = defaults.client;
strOrg = defaults.org;
--- a/src/org/openbravo/base/secureApp/LoginUtils.java Thu May 26 07:40:47 2016 +0200
+++ b/src/org/openbravo/base/secureApp/LoginUtils.java Thu May 26 09:50:08 2016 +0200
@@ -21,6 +21,7 @@
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
+import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.openbravo.base.HttpBaseUtils;
import org.openbravo.base.exception.OBException;
@@ -35,6 +36,7 @@
import org.openbravo.erpCommon.utility.PropertyException;
import org.openbravo.erpCommon.utility.Utility;
import org.openbravo.model.ad.access.RoleOrganization;
+import org.openbravo.model.ad.access.Session;
import org.openbravo.model.ad.domain.Preference;
import org.openbravo.model.ad.system.Client;
import org.openbravo.service.db.DalConnectionProvider;
@@ -132,16 +134,52 @@
return valid;
}
- static boolean validRoleOrg(ConnectionProvider conn, String role, String org)
- throws ServletException {
+ private static boolean validRoleOrg(ConnectionProvider conn, String role, String org,
+ HttpServletRequest request) throws ServletException {
boolean valid = SeguridadData.isLoginRoleOrg(conn, role, org);
if (!valid) {
log4j.error("Login organization is not in role organizations list. Role: " + role + ", Org: "
- + org, new Exception("stack trace"));
+ + org);
+
+ if (request != null) {
+
+ String sessionId = (String) request.getSession().getAttribute("#AD_SESSION_ID");
+
+ log4j.error("SessionId: " + sessionId + " - loggging in: "
+ + request.getSession().getAttribute("#LOGGINGIN") + " - forceLogin: "
+ + request.getSession().getAttribute("forceLogin"));
+
+ log4j.error("request URI: " + request.getRequestURI());
+
+ if (StringUtils.isNotBlank(sessionId)) {
+ OBContext.setAdminMode(false);
+ try {
+ Session session = OBDal.getInstance().get(Session.class, sessionId);
+ if (session != null) {
+ log4j.error("Session: [ active:" + session.isActive() + " - session_active:"
+ + session.isSessionActive() + " - status: " + session.getLoginStatus()
+ + " - user:" + session.getUsername() + " - " + session.getCreationDate() + " ]");
+ } else {
+ log4j.error("No session in DB");
+ }
+ } catch (Exception e) {
+ log4j.error("Couldn't log info", e);
+ } finally {
+ OBContext.restorePreviousMode();
+ }
+ }
+ }
+
+ log4j.error("stack trace", new Exception());
}
return valid;
}
+ static boolean validRoleOrg(ConnectionProvider conn, String role, String org)
+ throws ServletException {
+ return validRoleOrg(conn, role, org, null);
+ }
+
public static List<RoleOrganization> loadRoleOrganization(String strRol) {
OBContext.setAdminMode();
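Review bot: In the new four-argument `validRoleOrg`, `request.getSession()` is called three times with no argument, which creates an HTTP session when the request has none, so a logging-only path on a failed role/org check can allocate sessions as a side effect. Fetch it once with `HttpSession httpSession = request.getSession(false);` and wrap the attribute reads in `if (httpSession != null) { ... }`; no `HttpSession` import is visible in this file's hunks, so one may need adding. `session.getUsername()` and `request.getRequestURI()` go into the error log as-is, so if the stored username can be chosen by the caller, line breaks should be neutralised before logging. The message text also has a typo, `loggging in`.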
@@ -384,9 +422,17 @@
/**
* Obtains defaults defined for a user and throws DefaultValidationException in case they are not
* correct.
+ *
+ * @param variables
*/
public static RoleDefaults getLoginDefaults(String strUserAuth, String role, ConnectionProvider cp)
throws ServletException, DefaultValidationException {
+ return getLoginDefaults(strUserAuth, role, cp, null);
+ }
+
+ public static RoleDefaults getLoginDefaults(String strUserAuth, String role,
+ ConnectionProvider cp, HttpServletRequest request) throws ServletException,
+ DefaultValidationException {
String strRole = role;
if (strRole.equals("")) {
// use default role
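Review bot: The Javadoc gains `@param variables`, but neither overload has a parameter of that name, and the new public four-argument `getLoginDefaults` has no Javadoc of its own. Drop the dangling tag and document the new overload, for example `@param request current HTTP request, used only to log diagnostics when the default organization is not valid for the role; may be null`. The three-argument version can then state that it delegates with a null request. The body of the new overload continues outside the hunk.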
@@ -400,7 +446,7 @@
String strOrg = DefaultOptionsData.defaultOrg(cp, strUserAuth);
// use default org
- if (strOrg == null || !LoginUtils.validRoleOrg(cp, strRole, strOrg)) {
+ if (strOrg == null || !LoginUtils.validRoleOrg(cp, strRole, strOrg, request)) {
// if default not set or not valid take any one
strOrg = DefaultOptionsData.getDefaultOrg(cp, strRole);
}
@@ -612,4 +658,5 @@
}
return strWarehouse;
}
+
}