Description of problem: On most Katello pages, if your session expires and you click a link it will redirect you to login and then back to an ajax response. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. Go to Content Views list (which one content view created) 2. Wait until your session expires (1 hour of inactivity) iirc 3. Click on the content view Actual results: I get redirected to login and then redirected to some json Expected results: I get redirected to login and then back to the selected content view Additional info:
This needs to be fixed on the Foreman side and you can see the same behavior if you leave open the user's page (for example), let your session expire (easier if you set the timeout to 1 minute), and then click on a user. You are redirected to the login page and once you login you are then sent back to the AJAX request URL of users/1/edit. Incidentally, you can also update the settings page while your session is expired.
*** Bug 1121244 has been marked as a duplicate of this bug. ***
*** Bug 1123015 has been marked as a duplicate of this bug. ***
Pasting from Bug 1123015: Steps to Reproduce: 1. Navigate to Content Hosts page. 2. Leave the system idle for few minutes (30?) for timeout 3. After the timeout time, clicking on any of the item in UI takes me to the login page 4. After entering the credentials it takes me to a deprecated api output page: https://sat6host.redhat.com/katello/api/v2/systems?organization_id=3&page=1&search=&sort_by=name&sort_order=ASC
*** Bug 1168228 has been marked as a duplicate of this bug. ***
Created redmine issue http://projects.theforeman.org/issues/9874 from this bug
PR: https://github.com/Katello/bastion/pull/57
Note that the fix for this bug will need to be cherry picked before creating a new release for bastion: commit 59f5d58b91ae987781162fe94853efb7b7a41e5a Merge: 007321f 42843e7 Author: Walden Raines <walden> Date: Thu Mar 26 14:24:36 2015 -0400 Merge pull request #57 from waldenraines/9874 Fixes #9874: prevent redirection to API calls, BZ1118444. commit 42843e71001f6942074334f28f8354be14815105 Author: Walden Raines <walden> Date: Mon Mar 23 12:34:47 2015 -0500 Fixes #9874: prevent redirection to API calls, BZ1118444. http://projects.theforeman.org/issues/9874 https://bugzilla.redhat.com/show_bug.cgi?id=1118444
VERIFIED: ]# rpm -qa | grep foreman foreman-libvirt-1.7.2.17-1.el6_6sat.noarch ruby193-rubygem-foreman_bootdisk-4.0.2.10-1.el6_6sat.noarch ruby193-rubygem-foreman_hooks-0.3.7-2.el6_6sat.noarch rubygem-hammer_cli_foreman_tasks-0.0.3.3-1.el6_6sat.noarch rubygem-hammer_cli_foreman_bootdisk-0.1.2.5-1.el6_6sat.noarch foreman-postgresql-1.7.2.17-1.el6_6sat.noarch foreman-debug-1.7.2.17-1.el6_6sat.noarch foreman-1.7.2.17-1.el6_6sat.noarch foreman-ovirt-1.7.2.17-1.el6_6sat.noarch ruby193-rubygem-foreman-tasks-0.6.12.3-1.el6_6sat.noarch foreman-proxy-1.7.2.4-1.el6_6sat.noarch qe-sat6-rhel66.usersys.redhat.com-foreman-client-1.0-1.noarch qe-sat6-rhel66.usersys.redhat.com-foreman-proxy-client-1.0-1.noarch foreman-selinux-1.7.2.13-1.el6_6sat.noarch rubygem-hammer_cli_foreman-0.1.4.9-1.el6_6sat.noarch foreman-compute-1.7.2.17-1.el6_6sat.noarch foreman-vmware-1.7.2.17-1.el6_6sat.noarch ruby193-rubygem-foreman-redhat_access-0.1.0-1.el6_6sat.noarch ruby193-rubygem-foreman_gutterball-0.0.1.9-1.el6_6sat.noarch qe-sat6-rhel66.usersys.redhat.com-foreman-proxy-1.0-2.noarch ruby193-rubygem-foreman_docker-1.2.0.9-1.el6_6sat.noarch rubygem-hammer_cli_foreman_discovery-0.0.1.7-1.el6_6sat.noarch foreman-gce-1.7.2.17-1.el6_6sat.noarch ruby193-rubygem-foreman_discovery-2.0.0.9-1.el6_6sat.noarch 1. Go to Content Views list (which one content view created) 2. Wait until your session expires (50 mins of inactivity) iirc 3. Click on the content view I get redirected to login and then back to the selected content view
*** Bug 1201498 has been marked as a duplicate of this bug. ***
This bug is slated to be released with Satellite 6.1.
This bug was fixed in version 6.1.1 of Satellite which was released on 12 August, 2015.