Bug 1118444 - Session expiration redirects to an ajax request
Summary: Session expiration redirects to an ajax request
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Satellite 6
Classification: Red Hat
Component: WebUI
Version: 6.0.3
Hardware: Unspecified
OS: Unspecified
unspecified
high vote
Target Milestone: Unspecified
Assignee: Walden Raines
QA Contact: Tazim Kolhar
URL: http://projects.theforeman.org/issues...
Whiteboard:
: 1121244 1123015 1168228 1201498 (view as bug list)
Depends On:
Blocks: GSS_Sat6Beta_Tracker, GSS_Sat6_Tracker 1139277
TreeView+ depends on / blocked
 
Reported: 2014-07-10 17:53 UTC by Justin Sherrill
Modified: 2019-08-15 03:54 UTC (History)
12 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-08-12 13:58:44 UTC


Attachments (Terms of Use)

Description Justin Sherrill 2014-07-10 17:53:56 UTC
Description of problem:

On most Katello pages, if your session expires and you click a link it will redirect you to login and then back to an ajax response.

 
Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.  Go to Content Views list (which one content view created)
2.  Wait until your session expires (1 hour of inactivity) iirc
3.  Click on the content view

Actual results:
I get redirected to login and then redirected to some json

Expected results:
I get redirected to login and then back to the selected content view

Additional info:

Comment 2 Walden Raines 2014-07-17 15:24:44 UTC
This needs to be fixed on the Foreman side and you can see the same behavior if you leave open the user's page (for example), let your session expire (easier if you set the timeout to 1 minute), and then click on a user.  You are redirected to the login page and once you login you are then sent back to the AJAX request URL of users/1/edit.

Incidentally, you can also update the settings page while your session is expired.

Comment 3 Brad Buckingham 2014-07-24 12:13:45 UTC
*** Bug 1121244 has been marked as a duplicate of this bug. ***

Comment 4 Brad Buckingham 2014-07-24 15:47:03 UTC
*** Bug 1123015 has been marked as a duplicate of this bug. ***

Comment 5 sthirugn@redhat.com 2014-07-24 15:48:54 UTC
Pasting from Bug 1123015:
Steps to Reproduce:
1. Navigate to Content Hosts page.
2. Leave the system idle for few minutes (30?) for timeout
3. After the timeout time, clicking on any of the item in UI takes me to the login page
4. After entering the credentials it takes me to a deprecated api output page:
https://sat6host.redhat.com/katello/api/v2/systems?organization_id=3&page=1&search=&sort_by=name&sort_order=ASC

Comment 14 Dominic Cleal 2014-11-26 13:39:27 UTC
*** Bug 1168228 has been marked as a duplicate of this bug. ***

Comment 17 Walden Raines 2015-03-23 17:33:40 UTC
Created redmine issue http://projects.theforeman.org/issues/9874 from this bug

Comment 18 Walden Raines 2015-03-24 21:19:13 UTC
PR: https://github.com/Katello/bastion/pull/57

Comment 19 Walden Raines 2015-03-26 19:36:19 UTC
Note that the fix for this bug will need to be cherry picked before creating a new release for bastion:

commit 59f5d58b91ae987781162fe94853efb7b7a41e5a
Merge: 007321f 42843e7
Author: Walden Raines <walden@redhat.com>
Date:   Thu Mar 26 14:24:36 2015 -0400

    Merge pull request #57 from waldenraines/9874
    
    Fixes #9874: prevent redirection to API calls, BZ1118444.

commit 42843e71001f6942074334f28f8354be14815105
Author: Walden Raines <walden@redhat.com>
Date:   Mon Mar 23 12:34:47 2015 -0500

    Fixes #9874: prevent redirection to API calls, BZ1118444.
    
    http://projects.theforeman.org/issues/9874
    https://bugzilla.redhat.com/show_bug.cgi?id=1118444

Comment 21 Tazim Kolhar 2015-04-27 08:22:54 UTC
VERIFIED:

]# rpm -qa | grep foreman
foreman-libvirt-1.7.2.17-1.el6_6sat.noarch
ruby193-rubygem-foreman_bootdisk-4.0.2.10-1.el6_6sat.noarch
ruby193-rubygem-foreman_hooks-0.3.7-2.el6_6sat.noarch
rubygem-hammer_cli_foreman_tasks-0.0.3.3-1.el6_6sat.noarch
rubygem-hammer_cli_foreman_bootdisk-0.1.2.5-1.el6_6sat.noarch
foreman-postgresql-1.7.2.17-1.el6_6sat.noarch
foreman-debug-1.7.2.17-1.el6_6sat.noarch
foreman-1.7.2.17-1.el6_6sat.noarch
foreman-ovirt-1.7.2.17-1.el6_6sat.noarch
ruby193-rubygem-foreman-tasks-0.6.12.3-1.el6_6sat.noarch
foreman-proxy-1.7.2.4-1.el6_6sat.noarch
qe-sat6-rhel66.usersys.redhat.com-foreman-client-1.0-1.noarch
qe-sat6-rhel66.usersys.redhat.com-foreman-proxy-client-1.0-1.noarch
foreman-selinux-1.7.2.13-1.el6_6sat.noarch
rubygem-hammer_cli_foreman-0.1.4.9-1.el6_6sat.noarch
foreman-compute-1.7.2.17-1.el6_6sat.noarch
foreman-vmware-1.7.2.17-1.el6_6sat.noarch
ruby193-rubygem-foreman-redhat_access-0.1.0-1.el6_6sat.noarch
ruby193-rubygem-foreman_gutterball-0.0.1.9-1.el6_6sat.noarch
qe-sat6-rhel66.usersys.redhat.com-foreman-proxy-1.0-2.noarch
ruby193-rubygem-foreman_docker-1.2.0.9-1.el6_6sat.noarch
rubygem-hammer_cli_foreman_discovery-0.0.1.7-1.el6_6sat.noarch
foreman-gce-1.7.2.17-1.el6_6sat.noarch
ruby193-rubygem-foreman_discovery-2.0.0.9-1.el6_6sat.noarch

1.  Go to Content Views list (which one content view created)
2.  Wait until your session expires (50 mins of inactivity) iirc
3.  Click on the content view

I get redirected to login and then back to the selected content view

Comment 22 Bryan Kearney 2015-06-16 20:14:28 UTC
*** Bug 1201498 has been marked as a duplicate of this bug. ***

Comment 23 Bryan Kearney 2015-08-11 13:33:16 UTC
This bug is slated to be released with Satellite 6.1.

Comment 24 Bryan Kearney 2015-08-12 13:58:44 UTC
This bug was fixed in version 6.1.1 of Satellite which was released on 12 August, 2015.


Note You need to log in before you can comment on or make changes to this bug.