Bug 1388981

Summary: When token expires, user should be logged out of the GUI
Product: Red Hat OpenStack Reporter: Jason E. Rist <jrist>
Component: openstack-tripleo-uiAssignee: Honza Pokorny <hpokorny>
Status: CLOSED ERRATA QA Contact: Ola Pavlenko <opavlenk>
Severity: high Docs Contact: RHOS Documentation Team <rhos-docs>
Priority: high    
Version: 10.0 (Newton)CC: apannu, jjoyce, jschluet, mburns, rhel-osp-director-maint, sclewis, slinaber, tvignaud
Target Milestone: rcKeywords: Triaged
Target Release: 10.0 (Newton)   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openstack-tripleo-ui-1.0.4-4.el7ost Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-12-14 16:25:51 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jason E. Rist 2016-10-26 15:33:02 UTC 
Cloned from launchpad bug 1626556.

Description:

When the token expires (after 4 hour by default on the undercloud), the GUI starts to spit out lots of error alerts, and the pages display lots of zeros and blanks instead of real data. Instead, the user should simply be directed back to the login page (or pop up a dialog to get the password again). If possible, the user should then be taken to the page he was trying to go to.

Specification URL (additional information):

https://bugs.launchpad.net/tripleo/+bug/1626556
Comment 2 Anandeep Pannu 2016-11-10 17:33:07 UTC 
@Scott Lewis - I PM acked this - I assume the needinfo can be cleared?
Comment 4 Jason E. Rist 2016-11-17 22:07:30 UTC 
FailedQA

:(

I tried doing this and there didn't seem to be a real timeout. 

Steps to reproduce:
1.) Log in
2.) Open Register Nodes dialog
3.) Don't touch browser for 4 hours
4.) User is not logged out when token expires
5.) Any actions on the UI then create errors

This is with:
cat /var/lib/rhos-release/latest-installed
10   -p 2016-11-15.2
Comment 5 Jason E. Rist 2016-11-18 16:05:27 UTC 
Sorry, it was explained to me that the logout happens upon API call which is specified in the original bug.  

After testing again, this works fine.

Moving back to ON_QA and then VERIFIED.
Comment 7 errata-xmlrpc 2016-12-14 16:25:51 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2016-2948.html