You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@ofbiz.apache.org by Prateek <pr...@voltix.com> on 2007/09/28 08:30:41 UTC

problem in security : session problem


  hi
     I have been working on Ecommerce part of OFBIZ.
     According to our issue , i have make login page to open first and 
after user gives username and passwords , the main page opens showing
products.

    Problem is :
          If i directly write the in url the path of that main page it opens
it directly bypassing the   Login page.
          This is simply the breach of security.

 Thanks
 Prateek
 Voltix softwares 
 Chandigarh
   
-- 
View this message in context: http://www.nabble.com/problem-in-security-%3A-session-problem-tf4532713.html#a12935345
Sent from the OFBiz - User mailing list archive at Nabble.com.

Re: problem in security : session problem

Posted by Scott Gray <le...@gmail.com>.

Sorry for the delayed reply, you need to set auth=true on any request
mappings that you want to require a login for in the controller.xml

Regards
Scott

On 28/09/2007, Prateek <pr...@voltix.com> wrote:
>
>
>
>   hi
>      I have been working on Ecommerce part of OFBIZ.
>      According to our issue , i have make login page to open first and
> after user gives username and passwords , the main page opens showing
> products.
>
>     Problem is :
>           If i directly write the in url the path of that main page it
> opens
> it directly bypassing the   Login page.
>           This is simply the breach of security.
>
> Thanks
> Prateek
> Voltix softwares
> Chandigarh
>
> --
> View this message in context:
> http://www.nabble.com/problem-in-security-%3A-session-problem-tf4532713.html#a12935345
> Sent from the OFBiz - User mailing list archive at Nabble.com.
>
>