midsuit
/
core-jgi
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

IDEMPIERE-5408 Allow or enforce login with specific tenant (FHCA-3823) / fix issue with EMail MFA (#1545) 

* When user login with EMail MFA the MFA panel is not shown and the Processing message just keep spinning
* Changed the message TenantNotFound by FailedLogin to avoid a brute force attack to discover which tenants are valid in the installation
This commit is contained in:
Carlos Ruiz 2022-10-27 15:53:30 +02:00 committed by GitHub
parent 15737d2238
commit dd77cc01cb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
org.adempiere.base/src/org/compiere/util/Login.java
View File

@ -1309,7 +1309,7 @@ public class Login
if (hasTenant) {
client = MClient.getByLoginPrefix(app_tenant);
if (client == null) {
loginErrMsg = Msg.getMsg(m_ctx, "TenantNotFound", new Object[] {app_tenant});
loginErrMsg = Msg.getMsg(m_ctx, "FailedLogin");
return null;
}
}

2
org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/panel/ValidateMFAPanel.java
View File

@ -134,6 +134,8 @@ public class ValidateMFAPanel extends Window implements EventListener<Event> {
if (m_autoCall) {
validateMFAComplete(true);
} else {
m_showMFAPanel = true;
}
} else {