Bug 1320460

Summary: [Access denied] after logging in for the second time I am being redirected to front page
Product: [Community] Bugzilla Reporter: Christian Stadelmann <fedora>
Component: User InterfaceAssignee: PnT DevOps Devs <hss-ied-bugs>
Status: CLOSED WONTFIX QA Contact: tools-bugs <tools-bugs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 4.4CC: huiwang, jmcdonal, mtahir, qgong
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-03-30 03:48:40 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Christian Stadelmann 2016-03-23 09:36:27 UTC 
Description of problem:
When trying to login to bugzilla.redhat.com, I have a chance of circa 50% to get the "Access denied" message telling me that I probably have disabled cookies, see bug #1320457 for that. When logging in for the second time then, I am redirected to the front page even though I was e.g. following a link to a private bug before.

Version-Release number of selected component (if applicable):
4.4.11048.2 (instance at bugzilla.redhat.com)

How reproducible:
Always after running into the "Access denied" page

Steps to Reproduce:
1. (probably required: use firefox + tor to surf the web)
2. login to bugzilla.redhat.com
3. get "Access denied" message
4. log in again

Actual results:
I am redirected to the front page

Expected results:
No redirection. Go back to the page I was on before "Access denied" message happens.

Additional info:
Possible causes:
1. bugzilla relies on me having the same IP address as long as my browser is running
2. bugzilla relies on HTTP referer

For privacy reasons using tor and disabling HTTP referer is useful. Bugzilla should try to not rely on that.
Comment 1 Muhammad Tahir 2016-03-30 03:48:40 UTC 
Expected result described in this report is not a priority for us and will not get resources allocated to it. If you really want this feature you might have more luck
upstream.

Thanks