Mercurial Mercurial > erp > devel > pi / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
[ChangePassword] Fixed issue on WebServices
authorGuillermo Gil <guillermo.gil@openbravo.com>
Tue, 19 Jan 2016 10:38:46 +0100
changeset 28658 f150acd21d7a
parent 28657 adce3187dfda
child 28659 3b390cdaaa2e
[ChangePassword] Fixed issue on WebServices

There is no session if you are not logged in Openbravo.
Use SeguridadData instead of OBCriteria.
src/org/openbravo/base/secureApp/LoginUtils.java file | annotate | diff | comparison | revisions 
--- a/src/org/openbravo/base/secureApp/LoginUtils.java	Thu Dec 31 13:18:09 2015 +0100
+++ b/src/org/openbravo/base/secureApp/LoginUtils.java	Tue Jan 19 10:38:46 2016 +0100
@@ -195,18 +195,8 @@
   public static String checkUserPassword(ConnectionProvider connectionProvider, String login,
       String unHashedPassword) {
     try {
-      String hashedPassword = FormatUtilities.sha1Base64(unHashedPassword);
-      final OBCriteria<User> obc = OBDal.getInstance().createCriteria(User.class);
-      obc.add(Restrictions.like("username", login));
-      obc.add(Restrictions.like("password", hashedPassword));
-      obc.setFilterOnReadableClients(false);
-      final List<User> listUser = obc.list();
-      String userId = "-1";
-
-      if (listUser.size() > 0) {
-        User userOB = listUser.get(0);
-        userId = userOB.getId();
-      }
+      final String hashedPassword = FormatUtilities.sha1Base64(unHashedPassword);
+      final String userId = SeguridadData.valido(connectionProvider, login, hashedPassword);
       if (userId.equals("-1")) {
         return null;
       }
devel/pi