OFBiz OFBiz - Dev

[jira] [Closed] (OFBIZ-5001) Default UserLogin screen is throwing an exception when password is incorrect and its size more then 16 chars.

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Nicolas Malin (Jira)
Reply | Threaded
Open this post in threaded view
|

[jira] [Closed] (OFBIZ-5001) Default UserLogin screen is throwing an exception when password is incorrect and its size more then 16 chars.

Nicolas Malin (Jira)

     [ https://issues.apache.org/jira/browse/OFBIZ-5001?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jacques Le Roux closed OFBIZ-5001.
----------------------------------

    Resolution: Fixed

Thanks for report Sumit,


I simply changed UserLoginHistory.passwordUsed field from short-varchar to long-varchar. It's committed in trunk at r1470134

I did not consider this a bug, only an awkward user experience. So I decided it's an improvement and did not backport to releases branches.

               

> Default UserLogin screen is throwing an exception when password is incorrect and its size more then 16 chars.
> -------------------------------------------------------------------------------------------------------------
>
>                 Key: OFBIZ-5001
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-5001
>             Project: OFBiz
>          Issue Type: Improvement
>          Components: framework
>    Affects Versions: SVN trunk
>            Reporter: Sumit Pandit
>            Assignee: Jacques Le Roux
>         Attachments: OFBIZ-5001-Expected.GIF, OFBIZ-5001.GIF
>
>
> h3. How to reproduce
> * Try to login with following url -
> https://demo-stable.ofbiz.apache.org/catalog/control/main?USERNAME=flexadmin&PASSWORD=1111111111111111111111&JavaScriptEnabled=Y
> * Observe that password string is *long*(more then 16 chars) and *incorrect*.
> * Page is throwing following exception -
> ** The Following Exception Occurred:
> {code}
> following error occurred during login: Error saving UserLoginHistory and updating login status to reset hasLoggedOut, unsuccessful login count, etc.:
> org.ofbiz.entity.GenericEntityException: Error while inserting: [GenericEntity:UserLoginHistory]
> [createdStamp,2012-08-10 13:03:14.606(java.sql.Timestamp)]
> [createdTxStamp,2012-08-10 13:03:14.605(java.sql.Timestamp)]
> [fromDate,2012-08-10 13:03:14.606(java.sql.Timestamp)]
> [lastUpdatedStamp,2012-08-10 13:03:14.606(java.sql.Timestamp)]
> [lastUpdatedTxStamp,2012-08-10 13:03:14.605(java.sql.Timestamp)]
> [partyId,admin(java.lang.String)]
> [passwordUsed,{SHA}c4d196a020517a548a0c2dd584b6e4c11fc29019(java.lang.String)]
> [successfulLogin,N(java.lang.String)]
> [userLoginId,flexadmin(java.lang.String)]
> [visitId,125553(java.lang.String)] (SQL Exception while executing the following:INSERT INTO OFBIZ.USER_LOGIN_HISTORY (USER_LOGIN_ID, VISIT_ID, FROM_DATE, THRU_DATE, PASSWORD_USED, SUCCESSFUL_LOGIN, LAST_UPDATED_STAMP, LAST_UPDATED_TX_STAMP, CREATED_STAMP, CREATED_TX_STAMP, PARTY_ID) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) (A truncation error was encountered trying to shrink VARCHAR 'c90420db44f564d265b7b141d956a5e6d6f2dfed95988567da44b565ca7a&' to length 60.))
> {code}
> * Please find the screen shot in attachment.
> h3. Expected Result
> * User log in with incorrect password, system should display login screen with proper user-readable error message. See attachment OFBIZ-5001-Expected.GIF

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
Free forum by Nabble Edit this page