rhn_check logs in between each errata. Unfortunately, the authentication token is not updated (uses the old one). RHN Proxy will then disallow the GET requests. NOTE: the client works fine against hosted and RHN Satellite because those two have access to the server secret and validate that the token is still good (even if old). The RHN Proxy caches tokens (has no access to the server secret) and therefore only allows a single token to be allowed. Affects all customers with RHN Proxy and RHEL 3 clients. Blocking against rhn310proxy since if RHN Proxy v3.1.0 is working correctly it will fail against that as well.
Figured out that this is an object referencing issue. I.e., the token is a global object that's reference is retained in a several classes (HttpGetServer for example). When a new login occurs mid process the new token (a dictionary) is reassigned to the object (new reference). The classes retain a reference to the old object. So... therein lies the disconnect. The correct methodology to fix this is to always fetch the object with the up2dateAuth.getLoginInfo() function. For now, I have simply fixed the reference problem. But... relying on references being retained is fragile. getLoginInfo() is really the right answer.
See bug 124335 for TEST PLAN
NOTE: fails against all versions of RHN Proxy NOTE2: un-privatizing this bug so folks don't create duplicates.
*** Bug 125810 has been marked as a duplicate of this bug. ***
The fix seems to work just dandy. Blocking on the backport to be passed: bug 124335
Looks good on the front end. There are some backend issues that need to be resolved (see bug: 124335), but there is another bug already open for these issues. The fix works.