Bug 961957

Summary: when foreman session expires, user loses acess to views for admin user in katello.
Product: Red Hat Satellite Reporter: Corey Welton <cwelton>
Component: WebUIAssignee: Marek Hulan <mhulan>
Status: CLOSED WONTFIX QA Contact: Katello QA List <katello-qa-list>
Severity: low Docs Contact:
Priority: unspecified    
Version: NightlyCC: bbuckingham, bkearney, omaciel, sthirugn
Target Milestone: UnspecifiedKeywords: Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-03-12 22:58:07 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Corey Welton 2013-05-10 20:17:26 UTC 
Description of problem:

Not sure if this is webui issue or foreman. It is bizarre... 

If a user is logged into both katello and foreman UIs (in separate tabs for example) and is logged out due to inactivity in foreman, user loses all rights to access stuff in katello.  This includes admin accounts. No amount of logging in/out of katello, clearing cookies, etc., seems to grant this access back!


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.  Login to /katello
2.  Login to /foreman in a separate browser tab (will need to manually login until SSO is fixed)
3.  Wait for $time until user is logged out of foreman due to inactivity.
4.  Return to /katello and try to browse around. 
5.  Try logging out and back in, clearing cookies, etc. and repeat step 4
Actual results:
User loses most of dashboard and can't access anything.

Expected results:
User doesn't lose access to stuff.


Additional info:

This /may/ actually have something to do with losing track of which org the user is in.  I think I figured out a workaround/way to get access to stuff again but I'll have to test it.
Comment 1 Corey Welton 2013-05-10 20:31:16 UTC 
So, yeah, what happens is when user is timed out due to inactivity in /foreman, user's selected org is lost in /katello.  Selecting an org from the dropdown in the lefthand side seems to resolve/be a workaround.

Not as bizarre I guess, but still ugly.
Comment 3 Marek Hulan 2013-06-05 11:32:09 UTC 
I was unable to reproduce this. Setting foreman session to expire after 1 minute did not exhibit such behavior. Even when Signo session was expired. However I've got a suspicion that it was Katello's session that got expired. I did not test it yet but this is how Katello treats sessions because they are stored in cookies. Unless user has starred (default) organization his selection may disappear with expiring cookie.
Comment 4 sthirugn@redhat.com 2013-06-05 14:01:33 UTC 
FWIW, this happened for me in Katello and I do not have foreman open.
Comment 5 Marek Hulan 2013-06-05 14:06:51 UTC 
Yes, verified that it's caused by Katello session expiration.
Comment 6 Bryan Kearney 2013-06-19 14:19:32 UTC 
Still in discussion, moving this to 6.0.2.
Comment 7 Bryan Kearney 2014-03-12 22:58:07 UTC 
Closing old bugs which are not relevant based on new UI and CLI