Bug 1420286
Summary: | Insights not showing login form on session timeout | ||
---|---|---|---|
Product: | Red Hat Satellite 5 | Reporter: | Radovan Drazny <rdrazny> |
Component: | redhat-access-plugin-sat5 | Assignee: | Lindani Phiri <lphiri> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Radovan Drazny <rdrazny> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 580 | CC: | ahecox, chenders, lphiri, tkasparek, tlestach |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | redhat-access-plugin-sat5-2.1.0-56 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-06-21 12:17:35 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1427060 |
Description
Radovan Drazny
2017-02-08 11:11:47 UTC
Tested with redhat-access-plugin-sat5-2.1.0-56.el6sat. Following the reproducer from the original report, Insights WebUI correctly displays login page when accessing Systems->Insights->Setup page. When accessing Systems->Insights->Overview page, it still displays last status message, logged out user is not detected. Lindani, is it possible to add "user is logged in" detection for Overview page as well? Radovan, Yes, the overview page issue is known limitation of the current solution - it happens because on that page we pre-load all the *summary* data and never contact the server again - if you attempt to drill down to get more information you should be logged out. Lindani (In reply to Lindani Phiri from comment #3) > Radovan, > > Yes, the overview page issue is known limitation of the current solution - > it happens because on that page we pre-load all the *summary* data and > never contact the server again - if you attempt to drill down to get more > information you should be logged out. > > Lindani Yes, that's what I thought. Ok, I have checked the overview page. Any other click forces the login form to appear. An attempt to download CSV ends with a message "{"message":"A valid session cookie or valid systemid header was not found on the request."}". Not too elegant, but secure. VERIFIED |