You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@ofbiz.apache.org by "Jacques Le Roux (JIRA)" <ji...@apache.org> on 2018/03/27 07:48:00 UTC
[jira] [Comment Edited] (OFBIZ-10304) The "request" attribute type
of the userLogin service is wrong
[ https://issues.apache.org/jira/browse/OFBIZ-10304?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16411153#comment-16411153 ]
Jacques Le Roux edited comment on OFBIZ-10304 at 3/27/18 7:47 AM:
------------------------------------------------------------------
I reopen this issue after this discussion on dev ML: [https://markmail.org/message/yjlpzrwy7ptnvll6]
I think we need to revisit OFBIZ-10047 because I found another occurence of the problem in
payPalCheckoutUpdate. Jacopo said he will review the Tomcat SSO code and I'll try too.
*Actually note that the Tomcat SSO code only made appears this issue, it's not the "'culprit"; Tomcat 8.5 with its servlet4preview is .*
was (Author: jacques.le.roux):
I reopen this issue after this discussion on dev ML: [https://markmail.org/message/yjlpzrwy7ptnvll6]
I think we need to revisit OFBIZ-10047 because I found another occurence of the problem in
payPalCheckoutUpdate. Jacopo said he will review the Tomcat SSO code and I'll try too.
*Actually note that the Tomcat SSO code only made appears this issue, it's not the "'culprit" Tomcat 8.5 with its servlet4preview is .*
> The "request" attribute type of the userLogin service is wrong
> --------------------------------------------------------------
>
> Key: OFBIZ-10304
> URL: https://issues.apache.org/jira/browse/OFBIZ-10304
> Project: OFBiz
> Issue Type: Bug
> Components: framework
> Affects Versions: Trunk, 17.12.01
> Reporter: Jacques Le Roux
> Assignee: Jacques Le Roux
> Priority: Blocker
> Fix For: 17.12.01
>
> Attachments: OFBIZ-10304.patch
>
>
> I commited [http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ContextFilter.java?r1=1813679&r2=1813678&pathrev=1813679] which I guess forced (or allowed?) James Yong to use the javax.servlet.http.HttpServletRequest as type of "request" attribute of the userLogin service at [http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/common/servicedef/services.xml?r1=1819133&r2=1819132&pathrev=1819133]
> Else it would (should?) have been
> <attribute name="request" mode="IN" type="org.apache.catalina.connector.RequestFacade" optional="true"/>
> Now I need to revert/remove the wrapper in ContextFilter which is useless and silly (my bad).
> {color:#ff0000}-After a deeper investigation today (saturday 2019-03-24) the right solution is now attached as a patch-
> UPDATE: we had a discussion on this subject at [https://markmail.org/message/4jwrnbhpapb4ncrd] and Scott suggested to rather temporary use the <type-validate> child element of the <service> <attribute> element. Temporary because the definitive solution (w/o using <type-validate>) could be either to update to Tomcat 9 (preferred) or even downgrade to Tomcat 8. I guess nobody really want the later because only the trunk and not yet released R17.12 branch are concerned.{color}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)