Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0058146 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| defect | [Openbravo ERP] C. Security | major | always | 2025-03-05 15:55 | 2025-03-27 11:55 | |||
| Reporter | victor_perez | View Status | public | |||||
| Assigned To | ander_flores | |||||||
| Priority | high | Resolution | duplicate | Fixed in Version | ||||
| Status | closed | Fix in branch | Fixed in SCM revision | |||||
| Projection | none | ETA | none | Target Version | ||||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | SCM revision | |||||||
| Merge Request Status | open | |||||||
| Review Assigned To | ||||||||
| OBNetwork customer | OBPS | |||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Support ticket | ||||||||
| Regression level | ||||||||
| Regression date | ||||||||
| Regression introduced in release | ||||||||
| Regression introduced by commit | ||||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0058146: Issue with SSO flow and locked users | |||||||
| Description | If a user is locked but he/she is linked with the SSO (checkbox "Only log in using SSO" checked), even if his/her account is locked, he/she will be able to log in and navigate through the back office (I haven't tested the POS). | |||||||
| Steps To Reproduce | 1- Configure the SSO in livebuilds 2- Create a new user and check the corresponding checkbox 3- Log in with this new user using the SSO 4- Open another session, log in with Openbravo user and lock the new user 5- Return to the new user session and try to navigate. As the user is locked, the session is finished (fix done here https://issues.openbravo.com/view.php?id=56759 [^]) 6- Try to log in again with the new user using the SSO option 7- The new user can log in and navigate through the application without problems even if he/she is locked | |||||||
| Proposed Solution | If an account is locked, even if it is configured with the SSO log in option, it can not log in into the application (back office and POS) | |||||||
| Tags | No tags attached. | |||||||
| Attached Files | ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
|
 Relationships |
|
Notes |
|
|
(0177214) hgbot (developer) 2025-03-25 11:22 |
Merge Request created: https://gitlab.com/orisha-group/bu-commerce/openbravo/product/openbravo/-/merge_requests/1609 [^] |
|
(0177324) hgbot (developer) 2025-03-27 11:55 |
Issue exported to Jira: https://openbravo.atlassian.net/browse/RM-24056 [^] |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2025-03-05 15:55 | victor_perez | New Issue | |
| 2025-03-05 15:55 | victor_perez | Assigned To | => Triage Platform Base |
| 2025-03-05 15:55 | victor_perez | OBNetwork customer | => OBPS |
| 2025-03-05 15:55 | victor_perez | Modules | => Core |
| 2025-03-05 15:55 | victor_perez | Triggers an Emergency Pack | => No |
| 2025-03-23 19:18 | AugustoMauch | Assigned To | Triage Platform Base => Triage Platform Conn |
| 2025-03-24 09:39 | adrianromero | Assigned To | Triage Platform Conn => ander_flores |
| 2025-03-25 11:22 | hgbot | Merge Request Status | => open |
| 2025-03-25 11:22 | hgbot | Note Added: 0177214 | |
| 2025-03-27 11:55 | hgbot | Note Added: 0177324 | |
| 2025-03-27 11:55 | hgbot | Status | new => closed |
| 2025-03-27 11:55 | hgbot | Resolution | open => duplicate |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |