Bug 1840166

Summary:	ERF42-4995 [Foreman::Exception]: Invalid authenticity token message displayed with traceback, If re-login the machine after session timed-out .
Product:	Red Hat Satellite	Reporter:	Devendra Singh <desingh>
Component:	Authentication	Assignee:	Tomer Brisker <tbrisker>
Status:	CLOSED ERRATA	QA Contact:	Devendra Singh <desingh>
Severity:	medium	Docs Contact:
Priority:	unspecified
Version:	6.8.0	CC:	apatel, bbuckingham, kgaikwad, mhulan, tbrisker
Target Milestone:	6.8.0	Keywords:	Regression, Triaged
Target Release:	Unused
Hardware:	x86_64
OS:	Linux
Whiteboard:
Fixed In Version:	foreman-2.1.2.3-1	Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2020-10-27 13:02:44 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Devendra Singh 2020-05-26 13:52:11 UTC

Description of problem:

ERF42-4995 [Foreman::Exception]: Invalid authenticity token message displayed with traceback, If I re-login the machine after the session out.

Version-Release number of selected component (if applicable):
6.8 Snap1

How reproducible:
always

Steps to Reproduce:
1. Install the satellite with 6.8 
2. wait for session timed out.
3. After session timed out, re-login the machine again, then we get ERF42-4995 [Foreman::Exception]:.

Actual results:
Some exceptions observed, If we re-login the machine after the session out.

Expected results:
No exception should come if we re-login the machine after the session timed out.

Additional info:

Comment 9 Tomer Brisker 2020-07-08 15:13:44 UTC

What authentication source is the user which is timing out using? Is any external authentication enabled?
Does this occur for all users or only a specific one? 
How long passed between the timeout and the re-login attempt?

Comment 10 Tomer Brisker 2020-07-08 15:15:45 UTC

Additionally, are you certain this isn't also the case in 6.7 and older? https://projects.theforeman.org/issues/10577 seems like a similar issue and is 5 years old.

Comment 11 Devendra Singh 2020-07-10 16:53:23 UTC

(In reply to Tomer Brisker from comment #10)
> Additionally, are you certain this isn't also the case in 6.7 and older?
> https://projects.theforeman.org/issues/10577 seems like a similar issue and
> is 5 years old.

I am not sure about other versions but I didn't face this issue on 6.7.

Comment 12 Tomer Brisker 2020-07-12 06:49:26 UTC

Please reply to the questions in comment #9 as well. Also, did you have multiple tabs open by any chance when the session timed out?

Comment 16 Tomer Brisker 2020-07-20 07:20:44 UTC

Connecting redmine issue https://projects.theforeman.org/issues/10577 from this bug

Comment 19 Bryan Kearney 2020-07-20 12:04:07 UTC

Upstream bug assigned to tbrisker

Comment 20 Bryan Kearney 2020-07-20 12:04:09 UTC

Moving this bug to POST for triage into Satellite since the upstream issue https://projects.theforeman.org/issues/10577 has been resolved.

Comment 28 Devendra Singh 2020-09-08 14:40:32 UTC

Verified on 6.8 Snap14.

Verification points:

1: Didn't see the foreman-exception after re-login the ipv6 machine after autologous.
2: # rpm -qa|grep foreman-2.1.2.
foreman-2.1.2.7-1.el7sat.noarch

Comment 31 errata-xmlrpc 2020-10-27 13:02:44 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: Satellite 6.8 release), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:4366