On our production environment, I removed a user from the Administrator profile. Then I tried to login with this user on the admin pages and to my surprize, I still got in. I did it many times over, but got in everytime.
Only after I restarted the application server, I could not connect to the admin pages anymore with this user.
This doesn’t seem like he correct behavior.
The Application Server is aware though of new users on the admin profile without restart.
I think it has to do with the browser, try closing and reopening the web browser after removing the user from the admin group and the login should fail properly without the need to restart Servoy server.
Strange, works fine for me with 2.2.3-build 335, I remove a user from the Admin group and in another browser I try to login with no success, if I add the user to the admin group again login is ok.
How did you do it on the production server? Through the admin pages, or with a developer connected to the server?
I used the latter, since there’s still a bug on the admin pages displaying the users when using Oracle, so I cannot perform this action though the admin pages.
pbakker:
How did you do it on the production server? Through the admin pages, or with a developer connected to the server?
I used the latter, since there’s still a bug on the admin pages displaying the users when using Oracle, so I cannot perform this action though the admin pages.
Paul
Through the Admin pages. Maybe that’s the explanation.
Mmm, I just played with this doing it though the admin pages with a local version of Servoy 2.2.2.
There I get the same behavior. I removed a user from the admin group through the admin pages, started a new browser, went to the admin pages, was prompted to login, entered username and password of the user I previously removed from the admin group and got in…
Very curious…
Also noticed that on the admin pages, you cannot remove the first user you created under the admin group from the admin group, even if you have other users in the admin group.
pbakker:
Mmm, I just played with this doing it though the admin pages with a local version of Servoy 2.2.2.
There I get the same behavior. I removed a user from the admin group through the admin pages, started a new browser, went to the admin pages, was prompted to login, entered username and password of the user I previously removed from the admin group and got in…
Very curious…
Paul
This is the exact same test I performed. One question: after being removed from the admin group the user was still belonging to another group? In my test the user always belonged at least to 1 group.
If you change it with Servoy Developer it is possible that the Servoy Server still has the result set cached with the user login information. Try in the Servoy Admin pages to go to clients and then to “flush all cached data” for all clients. There is a possibility that this may work, though I’m not sure that the server flushes its data cache as well then.
In 2.2.5 the issue with the user list not displaying properlywill be fixed. For now you can try changing the pk column of the users table to be a number(9) instead of number(10).
In 2.2.3 and lower I believe there was a bug that the user was not properly removed until the server was restarted.
But if you want to do feature requests, please use the support system and make a case for a feature request (tracking all outstanding issues via the forum has become unworkable for us).
I believe the info you need is available in the Servoy Repository, so you can always extract it using a plugin (or SQL). The table is called servoy_client_stats and it even has a column total_clients_running.
Nice tip Sebster!
Just a question, how often does Servoy clean up this table? Mine has 7250 rows, the older one is from november 2005 but the server is in place since april 2005.
Currently it is not cleared yet but you can clear it with a single sql delete (up to any date with a where clause). (The reason it starts in november is because that is when this feature was introduced).