You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ofbiz.apache.org by "Carsten Schinzer (JIRA)" <ji...@apache.org> on 2012/08/29 14:34:07 UTC
[jira] [Created] (OFBIZ-5019) Multitenant delegator assignment not
working correctly
Carsten Schinzer created OFBIZ-5019:
---------------------------------------
Summary: Multitenant delegator assignment not working correctly
Key: OFBIZ-5019
URL: https://issues.apache.org/jira/browse/OFBIZ-5019
Project: OFBiz
Issue Type: Bug
Components: ALL APPLICATIONS, framework
Affects Versions: SVN trunk
Environment: multitenantuse = "Y"
Tenant with no Domain setting or Tenant using different domain for backend applications
Reporter: Carsten Schinzer
This issue arises when Multitenancy is in use. It arises only on backend applications (as typically the frontend store applications will use a context variable defined in web.xml to determin the delegator to be used (ie. the database to use for data lookups etc).
The issue manifests as follows:
* the wrong data is read for standard backoffice displays (e.g. orders, accounts, etc.); it is the dataa from the default datasource, not the tenant´s data source
* in the backend apps certain functions require authentication (checked dynamically) and this will fail when the default delegator is used since the tenant's user accounts will differ (if not in name then in password hashes) from the default datasource -- this leads to authentication warnings all over the place
* one will not be able to mainpulate data of course, either
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
Re: [jira] [Updated] (OFBIZ-5019) Multitenant delegator assignment
not working correctly
Posted by "Dale E. Moore" <Da...@gMail.Com>.
Sorry for the confusion Carsten! I had another instance of ofBiz still
running that caused my first error post. When I got past my own confusion
about that I still was unable to login as the adminDemo users into DEMO1,
DEMO2 or default. I've updated the JIRA here
<https://issues.apache.org/jira/browse/OFBIZ-5019?focusedCommentId=13457852&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13457852>
.
Is this a correct way to apply your patch?
svn co https://svn.apache.org/repos/asf/ofbiz/trunk ofbiz.trunk
cd ofbiz.trunk
./ant load-demo-multitenant
vi framework/common/config/general.properties
Change multitenant to Y
Download patch from
https://issues.apache.org/jira/browse/OFBIZ-5019?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
to parent folder.
patch -p0 <
../OFBIZ-5019_Multitenant_delegator_assignment_not_working_correctly.patch
./ant load-tenant-admin-user-login -DdelegatorId=DEMO1
-DuserLoginId=adminDemo
./ant load-tenant-admin-user-login -DdelegatorId=DEMO2
-DuserLoginId=adminDemo
./ant start
Thanks!
DaleEMoore@gMail.Com
--
View this message in context: http://ofbiz.135035.n4.nabble.com/jira-Created-OFBIZ-5019-Multitenant-delegator-assignment-not-working-correctly-tp4636012p4636352.html
Sent from the OFBiz - Dev mailing list archive at Nabble.com.
Re: [jira] [Updated] (OFBIZ-5019) Multitenant delegator assignment
not working correctly
Posted by Carsten Schinzer <c....@gmail.com>.
Hello Dale,
I am now confused. Does this work for you or not?
The patch fix runs fine with my dev and my production environment.
I have to admit, I did not follow the procedure that you mention.
I did simply exchange the two class files, recompile and restart my system.
If you feel I should do more before committing the patch, please let me
know.
As I am currently moving houses, my dev environment unforrtunately is
powered down and deep down in one of the boxes ;-/
Kind regards
Carsten
2012/9/18 Dale E. Moore (JIRA) <ji...@apache.org>
>
> [
> https://issues.apache.org/jira/browse/OFBIZ-5019?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel]
>
> Dale E. Moore updated OFBIZ-5019:
> ---------------------------------
>
> Comment: was deleted
>
> (was: Please pardon my ignorance Carsten, but; I would like to try your
> patch and see if I'm able to start using ofBiz multitenant and wonder if
> I'm proceeding properly. Here is what I've done:
>
>
> svn co https://svn.apache.org/repos/asf/ofbiz/trunk ofbiz.trunk
> cd ofbiz.trunk
> ./ant load-demo-multitenant
> vi framework/common/config/general.properties
> Change multitenant to Y
> Download patch from
> https://issues.apache.org/jira/browse/OFBIZ-5019?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanelto parent folder.
> patch -p0 <
> ../OFBIZ-5019_Multitenant_delegator_assignment_not_working_correctly.patch
> ./ant load-tenant-admin-user-login -DdelegatorId=DEMO1
> -DuserLoginId=adminDemo
> ./ant load-tenant-admin-user-login -DdelegatorId=DEMO2
> -DuserLoginId=adminDemo
> ./ant start
>
>
> Here are the results from my attempt to start ofBiz:
>
>
> Buildfile: /home/dalem/workspace/ofbiz.trunk/build.xml
>
> start:
> [java] Start.java using configuration file
> org/ofbiz/base/start/start.properties
> [java] Set OFBIZ_HOME to - /home/dalem/workspace/ofbiz.trunk
> [java] Exception in thread "main"
> org.ofbiz.base.start.StartupException: Couldn't create server socket(/
> 127.0.0.1:10523)
> [java] at
> org.ofbiz.base.start.Start$AdminPortThread.<init>(Start.java:387)
> [java] at
> org.ofbiz.base.start.Start.createListenerThread(Start.java:140)
> [java] at org.ofbiz.base.start.Start.init(Start.java:199)
> [java] at org.ofbiz.base.start.Start.main(Start.java:112)
> [java] Caused by: java.net.BindException: Address already in use
> [java] at java.net.PlainSocketImpl.socketBind(Native Method)
> [java] at java.net.PlainSocketImpl.bind(PlainSocketImpl.java:383)
> [java] at java.net.ServerSocket.bind(ServerSocket.java:328)
> [java] at java.net.ServerSocket.<init>(ServerSocket.java:194)
> [java] at
> org.ofbiz.base.start.Start$AdminPortThread.<init>(Start.java:385)
> [java] ... 3 more
> [java] Java Result: 1
>
> BUILD SUCCESSFUL
> Total time: 1 second
>
>
> I am suspicious that this is not the result for which you had hoped.
>
> Perhaps I should start from some ofBiz version other than
> https://svn.apache.org/repos/asf/ofbiz/trunk?
>
> Any suggestions you have are very much appreciated,
> DaleEMoore@gMail.Com)
>
> > Multitenant delegator assignment not working correctly
> > -------------------------------------------------------
> >
> > Key: OFBIZ-5019
> > URL: https://issues.apache.org/jira/browse/OFBIZ-5019
> > Project: OFBiz
> > Issue Type: Bug
> > Components: ALL APPLICATIONS, framework
> > Affects Versions: SVN trunk
> > Environment: multitenantuse = "Y"
> > Tenant with no Domain setting or Tenant using different domain for
> backend applications
> > Reporter: Carsten Schinzer
> > Labels: authentication, context, multitenancy, security
> > Attachments:
> OFBIZ-5019_Multitenant_delegator_assignment_not_working_correctly.patch
> >
> > Original Estimate: 168h
> > Remaining Estimate: 168h
> >
> > This issue arises when Multitenancy is in use. It arises only on backend
> applications (as typically the frontend store applications will use a
> context variable defined in web.xml to determin the delegator to be used
> (ie. the database to use for data lookups etc).
> > The issue manifests as follows:
> > * the wrong data is read for standard backoffice displays (e.g. orders,
> accounts, etc.); it is the dataa from the default datasource, not the
> tenant´s data source
> > * in the backend apps certain functions require authentication (checked
> dynamically) and this will fail when the default delegator is used since
> the tenant's user accounts will differ (if not in name then in password
> hashes) from the default datasource -- this leads to authentication
> warnings all over the place
> > * one will not be able to mainpulate data of course, either
>
> --
> This message is automatically generated by JIRA.
> If you think it was sent incorrectly, please contact your JIRA
> administrators
> For more information on JIRA, see: http://www.atlassian.com/software/jira
>
[jira] [Comment Edited] (OFBIZ-5019) Multitenant delegator
assignment not working correctly
Posted by "Carsten Schinzer (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-5019?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13444013#comment-13444013 ]
Carsten Schinzer edited comment on OFBIZ-5019 at 8/29/12 11:41 PM:
-------------------------------------------------------------------
I have done deeper analysis over the past few days and I think the delegator identification in the generic ContextFilter needs to be improved.
CURRENT SOLUTION:
=-=-=-=-=-=-=-=-=
If Multitenant use is switched on, delegator in context will be replaced as follows:
(1) Lookup of TenantId for condition tenant.domain = context.server name
(2) If fail, select default delegator
This is very optimistic as is assumes the following:
* a given tenant would use a single domain only, which might not be true
* a tenant has a related domain defined (this is IMHO not a given even for the DEMO data)
IMPROVED SOLUTION:
=-=-=-=--=-=-=-=-=
At login to the backend applications, a TenantId is specified during authentication process. This should be persisted in the session context and and used to determine the proper delegator through naming convention, namely default#TENANTID for the delegator name.
I have attempted to follow the 'tenantId' parameter which seems to be put to context upon login, but this context attribute is lost/not present when the httpRequest object is being parsed by the ContextFilter of the backoffice apps. I do not understand what needs to be done to keep this parameter in the context.
Fixes/work required:
- (Re-)Allocate 'tenandId' parameter to session context attributes (not always present)
- Alter ContextFilter to check on existing delegator name
--> if it has a hash char ('#') and contains tenantId in uppercase after the char, then leave delegator reference unchanged
--> if not then use the naming convention to fetch the proper delegator from DelegatorFactory
Could you please comment on this approach before I start implementing?
was (Author: c_schinzer):
I have done deeper analysis over the past few days and I think the delegator identification in the generic ContextFilter needs to be improved.
CURRENT SOLUTION:
=-=-=-=-=-=-=-=-=
If Multitenant use is switched on, delegator in context will be replaced as follows:
(1) Lookup of TenantId for condition tenant.domain = context.server name
(2) If fail, select default delegator
This is very optimistic as is assumes the following:
* a given tenant would use a single domain only, which might not be true
* a tenant has a related domain defined (this is IMHO not a given even for the DEMO data)
IMPROVED SOLUTION:
At login to the backend applications, a TenantId is specified during authentication process. This should be persisted in the session context and and used to determine the proper delegator through naming convention, namely default#TENANTID for the delegator name.
I have attempted to follow the 'tenantId' parameters which seems to be put to context upon login, but this context attribute ios lost when the httpRequest object is being parsed by the ContextFilter of the backoffice apps. I do not understand what to do to keep this parameter in the context.
Fixes/work required:
- (Re-)Allocate 'tenandId' parameter to session context attributes (not always present)
- Alter ContextFilter to check on existing delegator name
--> if it has a hash char ('#') and contains tenantId after the char, then leave delegaotr unchanged
--> if not then use the naming convention to lookup the delegator name
Could you please comment on this approach before I start implementing?
> Multitenant delegator assignment not working correctly
> -------------------------------------------------------
>
> Key: OFBIZ-5019
> URL: https://issues.apache.org/jira/browse/OFBIZ-5019
> Project: OFBiz
> Issue Type: Bug
> Components: ALL APPLICATIONS, framework
> Affects Versions: SVN trunk
> Environment: multitenantuse = "Y"
> Tenant with no Domain setting or Tenant using different domain for backend applications
> Reporter: Carsten Schinzer
> Labels: authentication, context, multitenancy, security
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This issue arises when Multitenancy is in use. It arises only on backend applications (as typically the frontend store applications will use a context variable defined in web.xml to determin the delegator to be used (ie. the database to use for data lookups etc).
> The issue manifests as follows:
> * the wrong data is read for standard backoffice displays (e.g. orders, accounts, etc.); it is the dataa from the default datasource, not the tenant´s data source
> * in the backend apps certain functions require authentication (checked dynamically) and this will fail when the default delegator is used since the tenant's user accounts will differ (if not in name then in password hashes) from the default datasource -- this leads to authentication warnings all over the place
> * one will not be able to mainpulate data of course, either
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Comment Edited] (OFBIZ-5019) Multitenant delegator
assignment not working correctly
Posted by "Dale E. Moore (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-5019?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13457852#comment-13457852 ]
Dale E. Moore edited comment on OFBIZ-5019 at 9/19/12 3:44 AM:
---------------------------------------------------------------
When I try to login as adminDemo, ofbiz, DEMO1; DEMO2; or, <blank> for default I get:
The Following Errors Occurred:
following error occurred during login: User not found.
When I login as admin, ofbiz, <blank> I can find no parties named adminDemo. I think that this is as it should be; the each adminDemo party should be in it's tenant DB, right?
Here's what I did to setup my test run:
svn co https://svn.apache.org/repos/asf/ofbiz/trunk ofbiz.trunk
cd ofbiz.trunk
./ant load-demo-multitenant
vi framework/common/config/general.properties
Change multitenant to Y
Download patch from https://issues.apache.org/jira/browse/OFBIZ-5019?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel to parent folder.
patch -p0 < ../OFBIZ-5019_Multitenant_delegator_assignment_not_working_correctly.patch
./ant load-tenant-admin-user-login -DdelegatorId=DEMO1 -DuserLoginId=adminDemo
./ant load-tenant-admin-user-login -DdelegatorId=DEMO2 -DuserLoginId=adminDemo
./ant start
Using Release-revision : trunk-r1387076,
DaleEMoore@gMail.Com
was (Author: daleemoore):
Please pardon my previous comment (if my delete was ignored and it's still present,) I still had another instance of ofBiz running. ofBiz launches successfully!
When I try to login as adminDemo, ofbiz, DEMO1; DEMO2; or, <blank> for default I get:
The Following Errors Occurred:
following error occurred during login: User not found.
When I login as admin, ofbiz, <blank> I can find no parties named adminDemo.
Using Release-revision : trunk-r1387076,
DaleEMoore@gMail.Com
> Multitenant delegator assignment not working correctly
> -------------------------------------------------------
>
> Key: OFBIZ-5019
> URL: https://issues.apache.org/jira/browse/OFBIZ-5019
> Project: OFBiz
> Issue Type: Bug
> Components: ALL APPLICATIONS, framework
> Affects Versions: SVN trunk
> Environment: multitenantuse = "Y"
> Tenant with no Domain setting or Tenant using different domain for backend applications
> Reporter: Carsten Schinzer
> Labels: authentication, context, multitenancy, security
> Attachments: OFBIZ-5019_Multitenant_delegator_assignment_not_working_correctly.patch
>
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This issue arises when Multitenancy is in use. It arises only on backend applications (as typically the frontend store applications will use a context variable defined in web.xml to determin the delegator to be used (ie. the database to use for data lookups etc).
> The issue manifests as follows:
> * the wrong data is read for standard backoffice displays (e.g. orders, accounts, etc.); it is the dataa from the default datasource, not the tenant´s data source
> * in the backend apps certain functions require authentication (checked dynamically) and this will fail when the default delegator is used since the tenant's user accounts will differ (if not in name then in password hashes) from the default datasource -- this leads to authentication warnings all over the place
> * one will not be able to mainpulate data of course, either
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OFBIZ-5019) Multitenant delegator assignment
not working correctly
Posted by "Dale E. Moore (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-5019?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13457834#comment-13457834 ]
Dale E. Moore commented on OFBIZ-5019:
--------------------------------------
Please pardon my ignorance Carsten, but; I would like to try your patch and see if I'm able to start using ofBiz multitenant and wonder if I'm proceeding properly. Here is what I've done:
svn co https://svn.apache.org/repos/asf/ofbiz/trunk ofbiz.trunk
cd ofbiz.trunk
./ant load-demo-multitenant
vi framework/common/config/general.properties
Change multitenant to Y
Download patch from https://issues.apache.org/jira/browse/OFBIZ-5019?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel to parent folder.
patch -p0 < ../OFBIZ-5019_Multitenant_delegator_assignment_not_working_correctly.patch
./ant load-tenant-admin-user-login -DdelegatorId=DEMO1 -DuserLoginId=adminDemo
./ant load-tenant-admin-user-login -DdelegatorId=DEMO2 -DuserLoginId=adminDemo
./ant start
Here are the results from my attempt to start ofBiz:
Buildfile: /home/dalem/workspace/ofbiz.trunk/build.xml
start:
[java] Start.java using configuration file org/ofbiz/base/start/start.properties
[java] Set OFBIZ_HOME to - /home/dalem/workspace/ofbiz.trunk
[java] Exception in thread "main" org.ofbiz.base.start.StartupException: Couldn't create server socket(/127.0.0.1:10523)
[java] at org.ofbiz.base.start.Start$AdminPortThread.<init>(Start.java:387)
[java] at org.ofbiz.base.start.Start.createListenerThread(Start.java:140)
[java] at org.ofbiz.base.start.Start.init(Start.java:199)
[java] at org.ofbiz.base.start.Start.main(Start.java:112)
[java] Caused by: java.net.BindException: Address already in use
[java] at java.net.PlainSocketImpl.socketBind(Native Method)
[java] at java.net.PlainSocketImpl.bind(PlainSocketImpl.java:383)
[java] at java.net.ServerSocket.bind(ServerSocket.java:328)
[java] at java.net.ServerSocket.<init>(ServerSocket.java:194)
[java] at org.ofbiz.base.start.Start$AdminPortThread.<init>(Start.java:385)
[java] ... 3 more
[java] Java Result: 1
BUILD SUCCESSFUL
Total time: 1 second
I am suspicious that this is not the result for which you had hoped.
Perhaps I should start from some ofBiz version other than https://svn.apache.org/repos/asf/ofbiz/trunk?
Any suggestions you have are very much appreciated,
DaleEMoore@gMail.Com
> Multitenant delegator assignment not working correctly
> -------------------------------------------------------
>
> Key: OFBIZ-5019
> URL: https://issues.apache.org/jira/browse/OFBIZ-5019
> Project: OFBiz
> Issue Type: Bug
> Components: ALL APPLICATIONS, framework
> Affects Versions: SVN trunk
> Environment: multitenantuse = "Y"
> Tenant with no Domain setting or Tenant using different domain for backend applications
> Reporter: Carsten Schinzer
> Labels: authentication, context, multitenancy, security
> Attachments: OFBIZ-5019_Multitenant_delegator_assignment_not_working_correctly.patch
>
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This issue arises when Multitenancy is in use. It arises only on backend applications (as typically the frontend store applications will use a context variable defined in web.xml to determin the delegator to be used (ie. the database to use for data lookups etc).
> The issue manifests as follows:
> * the wrong data is read for standard backoffice displays (e.g. orders, accounts, etc.); it is the dataa from the default datasource, not the tenant´s data source
> * in the backend apps certain functions require authentication (checked dynamically) and this will fail when the default delegator is used since the tenant's user accounts will differ (if not in name then in password hashes) from the default datasource -- this leads to authentication warnings all over the place
> * one will not be able to mainpulate data of course, either
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OFBIZ-5019) Multitenant delegator assignment
not working correctly
Posted by "Carsten Schinzer (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-5019?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13446770#comment-13446770 ]
Carsten Schinzer commented on OFBIZ-5019:
-----------------------------------------
I have tried the following in LoginWorker.login(HTTPServletRequest request, HttpServletResponse response):
(...)
String tenantId = request.getParameter("tenantId");
if (UtilValidate.isNotEmpty(tenantId)) {
// JIRA OFBIZ-5019 ... persist tenantId in the session
session.setAttribute("tenantId", tenantId);
(...)
But when I print out the session parameters or HttpServletRequest parameters on ContextFilter, I cannot see this attribute at all.
Anything I do wrong?
> Multitenant delegator assignment not working correctly
> -------------------------------------------------------
>
> Key: OFBIZ-5019
> URL: https://issues.apache.org/jira/browse/OFBIZ-5019
> Project: OFBiz
> Issue Type: Bug
> Components: ALL APPLICATIONS, framework
> Affects Versions: SVN trunk
> Environment: multitenantuse = "Y"
> Tenant with no Domain setting or Tenant using different domain for backend applications
> Reporter: Carsten Schinzer
> Labels: authentication, context, multitenancy, security
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This issue arises when Multitenancy is in use. It arises only on backend applications (as typically the frontend store applications will use a context variable defined in web.xml to determin the delegator to be used (ie. the database to use for data lookups etc).
> The issue manifests as follows:
> * the wrong data is read for standard backoffice displays (e.g. orders, accounts, etc.); it is the dataa from the default datasource, not the tenant´s data source
> * in the backend apps certain functions require authentication (checked dynamically) and this will fail when the default delegator is used since the tenant's user accounts will differ (if not in name then in password hashes) from the default datasource -- this leads to authentication warnings all over the place
> * one will not be able to mainpulate data of course, either
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (OFBIZ-5019) Multitenant delegator assignment not
working correctly
Posted by "Dale E. Moore (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-5019?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dale E. Moore updated OFBIZ-5019:
---------------------------------
Comment: was deleted
(was: Please pardon my ignorance Carsten, but; I would like to try your patch and see if I'm able to start using ofBiz multitenant and wonder if I'm proceeding properly. Here is what I've done:
svn co https://svn.apache.org/repos/asf/ofbiz/trunk ofbiz.trunk
cd ofbiz.trunk
./ant load-demo-multitenant
vi framework/common/config/general.properties
Change multitenant to Y
Download patch from https://issues.apache.org/jira/browse/OFBIZ-5019?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel to parent folder.
patch -p0 < ../OFBIZ-5019_Multitenant_delegator_assignment_not_working_correctly.patch
./ant load-tenant-admin-user-login -DdelegatorId=DEMO1 -DuserLoginId=adminDemo
./ant load-tenant-admin-user-login -DdelegatorId=DEMO2 -DuserLoginId=adminDemo
./ant start
Here are the results from my attempt to start ofBiz:
Buildfile: /home/dalem/workspace/ofbiz.trunk/build.xml
start:
[java] Start.java using configuration file org/ofbiz/base/start/start.properties
[java] Set OFBIZ_HOME to - /home/dalem/workspace/ofbiz.trunk
[java] Exception in thread "main" org.ofbiz.base.start.StartupException: Couldn't create server socket(/127.0.0.1:10523)
[java] at org.ofbiz.base.start.Start$AdminPortThread.<init>(Start.java:387)
[java] at org.ofbiz.base.start.Start.createListenerThread(Start.java:140)
[java] at org.ofbiz.base.start.Start.init(Start.java:199)
[java] at org.ofbiz.base.start.Start.main(Start.java:112)
[java] Caused by: java.net.BindException: Address already in use
[java] at java.net.PlainSocketImpl.socketBind(Native Method)
[java] at java.net.PlainSocketImpl.bind(PlainSocketImpl.java:383)
[java] at java.net.ServerSocket.bind(ServerSocket.java:328)
[java] at java.net.ServerSocket.<init>(ServerSocket.java:194)
[java] at org.ofbiz.base.start.Start$AdminPortThread.<init>(Start.java:385)
[java] ... 3 more
[java] Java Result: 1
BUILD SUCCESSFUL
Total time: 1 second
I am suspicious that this is not the result for which you had hoped.
Perhaps I should start from some ofBiz version other than https://svn.apache.org/repos/asf/ofbiz/trunk?
Any suggestions you have are very much appreciated,
DaleEMoore@gMail.Com)
> Multitenant delegator assignment not working correctly
> -------------------------------------------------------
>
> Key: OFBIZ-5019
> URL: https://issues.apache.org/jira/browse/OFBIZ-5019
> Project: OFBiz
> Issue Type: Bug
> Components: ALL APPLICATIONS, framework
> Affects Versions: SVN trunk
> Environment: multitenantuse = "Y"
> Tenant with no Domain setting or Tenant using different domain for backend applications
> Reporter: Carsten Schinzer
> Labels: authentication, context, multitenancy, security
> Attachments: OFBIZ-5019_Multitenant_delegator_assignment_not_working_correctly.patch
>
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This issue arises when Multitenancy is in use. It arises only on backend applications (as typically the frontend store applications will use a context variable defined in web.xml to determin the delegator to be used (ie. the database to use for data lookups etc).
> The issue manifests as follows:
> * the wrong data is read for standard backoffice displays (e.g. orders, accounts, etc.); it is the dataa from the default datasource, not the tenant´s data source
> * in the backend apps certain functions require authentication (checked dynamically) and this will fail when the default delegator is used since the tenant's user accounts will differ (if not in name then in password hashes) from the default datasource -- this leads to authentication warnings all over the place
> * one will not be able to mainpulate data of course, either
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OFBIZ-5019) Multitenant delegator assignment
not working correctly
Posted by "Dale E. Moore (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-5019?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13457852#comment-13457852 ]
Dale E. Moore commented on OFBIZ-5019:
--------------------------------------
Please pardon my previous comment (if my delete was ignored and it's still present,) I still had another instance of ofBiz running. ofBiz launches successfully!
When I try to login as adminDemo, ofbiz, DEMO1; DEMO2; or, <blank> for default I get:
The Following Errors Occurred:
following error occurred during login: User not found.
When I login as admin, ofbiz, <blank> I can find no parties named adminDemo.
Using Release-revision : trunk-r1387076,
DaleEMoore@gMail.Com
> Multitenant delegator assignment not working correctly
> -------------------------------------------------------
>
> Key: OFBIZ-5019
> URL: https://issues.apache.org/jira/browse/OFBIZ-5019
> Project: OFBiz
> Issue Type: Bug
> Components: ALL APPLICATIONS, framework
> Affects Versions: SVN trunk
> Environment: multitenantuse = "Y"
> Tenant with no Domain setting or Tenant using different domain for backend applications
> Reporter: Carsten Schinzer
> Labels: authentication, context, multitenancy, security
> Attachments: OFBIZ-5019_Multitenant_delegator_assignment_not_working_correctly.patch
>
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This issue arises when Multitenancy is in use. It arises only on backend applications (as typically the frontend store applications will use a context variable defined in web.xml to determin the delegator to be used (ie. the database to use for data lookups etc).
> The issue manifests as follows:
> * the wrong data is read for standard backoffice displays (e.g. orders, accounts, etc.); it is the dataa from the default datasource, not the tenant´s data source
> * in the backend apps certain functions require authentication (checked dynamically) and this will fail when the default delegator is used since the tenant's user accounts will differ (if not in name then in password hashes) from the default datasource -- this leads to authentication warnings all over the place
> * one will not be able to mainpulate data of course, either
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OFBIZ-5019) Multitenant delegator assignment
not working correctly
Posted by "Carsten Schinzer (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-5019?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13444013#comment-13444013 ]
Carsten Schinzer commented on OFBIZ-5019:
-----------------------------------------
I have done deeper analysis over the past few days and I think the delegator identification in the generic ContextFilter needs to be improved.
CURRENT SOLUTION:
=-=-=-=-=-=-=-=-=
If Multitenant use is switched on, delegator in context will be replaced as follows:
(1) Lookup of TenantId for condition tenant.domain = context.server name
(2) If fail, select default delegator
This is very optimistic as is assumes the following:
* a given tenant would use a single domain only, which might not be true
* a tenant has a related domain defined (this is IMHO not a given even for the DEMO data)
IMPROVED SOLUTION:
At login to the backend applications, a TenantId is specified during authentication process. This should be persisted in the session context and and used to determine the proper delegator through naming convention, namely default#TENANTID for the delegator name.
I have attempted to follow the 'tenantId' parameters which seems to be put to context upon login, but this context attribute ios lost when the httpRequest object is being parsed by the ContextFilter of the backoffice apps. I do not understand what to do to keep this parameter in the context.
Fixes/work required:
- (Re-)Allocate 'tenandId' parameter to session context attributes (not always present)
- Alter ContextFilter to check on existing delegator name
--> if it has a hash char ('#') and contains tenantId after the char, then leave delegaotr unchanged
--> if not then use the naming convention to lookup the delegator name
Could you please comment on this approach before I start implementing?
> Multitenant delegator assignment not working correctly
> -------------------------------------------------------
>
> Key: OFBIZ-5019
> URL: https://issues.apache.org/jira/browse/OFBIZ-5019
> Project: OFBiz
> Issue Type: Bug
> Components: ALL APPLICATIONS, framework
> Affects Versions: SVN trunk
> Environment: multitenantuse = "Y"
> Tenant with no Domain setting or Tenant using different domain for backend applications
> Reporter: Carsten Schinzer
> Labels: authentication, context, multitenancy, security
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This issue arises when Multitenancy is in use. It arises only on backend applications (as typically the frontend store applications will use a context variable defined in web.xml to determin the delegator to be used (ie. the database to use for data lookups etc).
> The issue manifests as follows:
> * the wrong data is read for standard backoffice displays (e.g. orders, accounts, etc.); it is the dataa from the default datasource, not the tenant´s data source
> * in the backend apps certain functions require authentication (checked dynamically) and this will fail when the default delegator is used since the tenant's user accounts will differ (if not in name then in password hashes) from the default datasource -- this leads to authentication warnings all over the place
> * one will not be able to mainpulate data of course, either
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (OFBIZ-5019) Multitenant delegator assignment not
working correctly
Posted by "Carsten Schinzer (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OFBIZ-5019?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Carsten Schinzer updated OFBIZ-5019:
------------------------------------
Attachment: OFBIZ-5019_Multitenant_delegator_assignment_not_working_correctly.patch
> Multitenant delegator assignment not working correctly
> -------------------------------------------------------
>
> Key: OFBIZ-5019
> URL: https://issues.apache.org/jira/browse/OFBIZ-5019
> Project: OFBiz
> Issue Type: Bug
> Components: ALL APPLICATIONS, framework
> Affects Versions: SVN trunk
> Environment: multitenantuse = "Y"
> Tenant with no Domain setting or Tenant using different domain for backend applications
> Reporter: Carsten Schinzer
> Labels: authentication, context, multitenancy, security
> Attachments: OFBIZ-5019_Multitenant_delegator_assignment_not_working_correctly.patch
>
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This issue arises when Multitenancy is in use. It arises only on backend applications (as typically the frontend store applications will use a context variable defined in web.xml to determin the delegator to be used (ie. the database to use for data lookups etc).
> The issue manifests as follows:
> * the wrong data is read for standard backoffice displays (e.g. orders, accounts, etc.); it is the dataa from the default datasource, not the tenant´s data source
> * in the backend apps certain functions require authentication (checked dynamically) and this will fail when the default delegator is used since the tenant's user accounts will differ (if not in name then in password hashes) from the default datasource -- this leads to authentication warnings all over the place
> * one will not be able to mainpulate data of course, either
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira