[idempiere/idempiere] 237353: IDEMPIERE-5408 Allow or enforce login with specifi...
0 views
Skip to first unread message
Carlos Ruiz
Dec 2, 2022, 2:32:09 AM12/2/22
to idempi...@googlegroups.com
Branch: refs/heads/master
Home: https://github.com/idempiere/idempiere
Commit: 23735316f9c14753560bba39b67901c08b79430c
https://github.com/idempiere/idempiere/commit/23735316f9c14753560bba39b67901c08b79430c
Author: Carlos Ruiz <car...@gmail.com>
Date: 2022-12-02 (Fri, 02 Dec 2022)
Changed paths:
M org.adempiere.base/src/org/compiere/util/Login.java
M org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/window/LoginWindow.java
Log Message:
-----------
IDEMPIERE-5408 Allow or enforce login with specific tenant (FHCA-3823) (#1596)
* IDEMPIERE-5408 Allow or enforce login with specific tenant (FHCA-3823)
Show MFA for support users in System, even if they have roles in several tenants, they can just have MFA defined in System tenant
* IDEMPIERE-5408 Allow or enforce login with specific tenant (FHCA-3823)
- Change of approach, the MFA can be shown first when the client is defined, or when the user is defined to belong to a single tenant
- on the contrary, when we have same user/password in two tenants, the MFA must be delayed until the tenant is identified
- Reviewing this noticed that the Login locking/inactivity logic is working on the full users array, even if the user has a different password (so is a different user)
Fixed this to work just on the authenticated users - this is, those that have the same password in different tenants
Home: https://github.com/idempiere/idempiere
Commit: 23735316f9c14753560bba39b67901c08b79430c
https://github.com/idempiere/idempiere/commit/23735316f9c14753560bba39b67901c08b79430c
Author: Carlos Ruiz <car...@gmail.com>
Date: 2022-12-02 (Fri, 02 Dec 2022)
Changed paths:
M org.adempiere.base/src/org/compiere/util/Login.java
M org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/window/LoginWindow.java
Log Message:
-----------
IDEMPIERE-5408 Allow or enforce login with specific tenant (FHCA-3823) (#1596)
* IDEMPIERE-5408 Allow or enforce login with specific tenant (FHCA-3823)
Show MFA for support users in System, even if they have roles in several tenants, they can just have MFA defined in System tenant
* IDEMPIERE-5408 Allow or enforce login with specific tenant (FHCA-3823)
- Change of approach, the MFA can be shown first when the client is defined, or when the user is defined to belong to a single tenant
- on the contrary, when we have same user/password in two tenants, the MFA must be delayed until the tenant is identified
- Reviewing this noticed that the Login locking/inactivity logic is working on the full users array, even if the user has a different password (so is a different user)
Fixed this to work just on the authenticated users - this is, those that have the same password in different tenants
Reply all
Reply to author
Forward
0 new messages