This is an automated email from the ASF dual-hosted git repository.
mbrohl pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
The following commit(s) were added to refs/heads/trunk by this push:
new b1cd87b415 Improved: Configure of after-login Events in BasicLogin.
(OFBIZ-12630)
b1cd87b415 is described below
commit b1cd87b415a2110c021574f62acf545d68aa669f
Author: Georg <georg.b...@ecomify.de>
AuthorDate: Fri Jul 29 14:59:10 2022 +0200
Improved: Configure of after-login Events in BasicLogin. (OFBIZ-12630)
---
framework/security/config/security.properties | 2 ++
.../ofbiz/webapp/control/ExternalLoginKeysManager.java | 2 +-
.../org/apache/ofbiz/webapp/control/JWTManager.java | 2 +-
.../org/apache/ofbiz/webapp/control/LoginWorker.java | 18 ++++++++++++------
4 files changed, 16 insertions(+), 8 deletions(-)
diff --git a/framework/security/config/security.properties
b/framework/security/config/security.properties
index 80e098090e..b7acb53346 100644
--- a/framework/security/config/security.properties
+++ b/framework/security/config/security.properties
@@ -291,3 +291,5 @@ allowedProtocols=localhost,127.0.0.1
#-- eg:
allowedURIsForFreemarkerInterpolation=createTextContentCms,updateTextContentCms,...
allowedURIsForFreemarkerInterpolation=
+#-- Configure if after-login events are run in doMainLogin (default) or in do
BasicLogin
+security.login.loginEventsAfterBasicLogin=N
diff --git
a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ExternalLoginKeysManager.java
b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ExternalLoginKeysManager.java
index 867954304e..0abeaeca45 100644
---
a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ExternalLoginKeysManager.java
+++
b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ExternalLoginKeysManager.java
@@ -144,7 +144,7 @@ public class ExternalLoginKeysManager {
request.getSession().setAttribute("userLogin", userLogin);
userLogin = LoginWorker.checkLogout(request, response);
- LoginWorker.doBasicLogin(userLogin, request);
+ LoginWorker.doBasicLogin(userLogin, request, response);
// Create a secured cookie with the correct userLoginId
LoginWorker.createSecuredLoginIdCookie(request, response);
diff --git
a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/JWTManager.java
b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/JWTManager.java
index d8f06822fb..6b9f17e2ab 100644
---
a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/JWTManager.java
+++
b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/JWTManager.java
@@ -120,7 +120,7 @@ public class JWTManager {
return "success";
}
- LoginWorker.doBasicLogin(userLogin, request);
+ LoginWorker.doBasicLogin(userLogin, request, response);
return "success";
}
diff --git
a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java
b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java
index 56eca9c5cc..5af41248a2 100644
---
a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java
+++
b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java
@@ -804,7 +804,7 @@ public final class LoginWorker {
return "error";
}
if (userLogin != null && hasBasePermission(userLogin, request)) {
- doBasicLogin(userLogin, request);
+ doBasicLogin(userLogin, request, response);
} else {
String errMsg = UtilProperties.getMessage(RESOURCE,
"loginevents.unable_to_login_this_application", UtilHttp.getLocale(request));
request.setAttribute("_ERROR_MESSAGE_", errMsg);
@@ -817,10 +817,11 @@ public final class LoginWorker {
request.setAttribute("_LOGIN_PASSED_", "TRUE");
- // run the after-login events
- RequestHandler rh =
RequestHandler.getRequestHandler(request.getSession().getServletContext());
- rh.runAfterLoginEvents(request, response);
-
+ if (!"Y".equals(UtilProperties.getPropertyValue(SEC_PROPERTIES,
"security.login.loginEventsAfterBasicLogin", "N"))) {
+ // run the after-login events
+ RequestHandler rh =
RequestHandler.getRequestHandler(request.getSession().getServletContext());
+ rh.runAfterLoginEvents(request, response);
+ }
// Create a secured cookie with the correct userLoginId
createSecuredLoginIdCookie(request, response);
@@ -830,7 +831,7 @@ public final class LoginWorker {
return autoLoginCheck(request, response);
}
- public static void doBasicLogin(GenericValue userLogin, HttpServletRequest
request) {
+ public static void doBasicLogin(GenericValue userLogin, HttpServletRequest
request, HttpServletResponse response) {
HttpSession session = request.getSession();
session.setAttribute("userLogin", userLogin);
@@ -930,6 +931,11 @@ public final class LoginWorker {
Debug.logError(e, MODULE);
}
}
+ if ("Y".equals(UtilProperties.getPropertyValue(SEC_PROPERTIES,
"security.login.loginEventsAfterBasicLogin", "N"))) {
+ // run the after-login events
+ RequestHandler rh =
RequestHandler.getRequestHandler(request.getSession().getServletContext());
+ rh.runAfterLoginEvents(request, response);
+ }
// setup some things that should always be there
UtilHttp.setInitialRequestInfo(request);
