Bug 1255550 - When console port is moved, login redirection still goes to API port which might be blocked
Summary: When console port is moved, login redirection still goes to API port which mi...
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Website
Version: 3.0.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: Jessica Forrester
QA Contact: Yanping Zhang
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-08-20 22:26 UTC by Erik M Jacobs
Modified: 2015-08-21 15:23 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-08-21 15:23:03 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Erik M Jacobs 2015-08-20 22:26:06 UTC 
I just noticed that the "login" link is actually an API port link:

https://openshift-master.hkg.openshift3roadshow.com:8443/login?then=%2Foauth%2Fauthorize%3Fclient_id%3Dopenshift-web-console%26response_type%3Dtoken%26state%3D%252F%26redirect_uri%3Dhttps%253A%252F%252Fopenshift-master.hkg.openshift3roadshow.com%252Fconsole%252Foauth

This behavior is unexpected in changing the web console port -- most people would expect that 100% of the console runs on the console port.

Granted, the Web UI needs to talk to the API (the browser makes calls to the API via AJAX I think), so the API port can't be blocked... but I guess this is just still a weird user experience that might cause problems down the road... or something?
Comment 2 Jordan Liggitt 2015-08-21 15:23:03 UTC 
The OAuth server (including the login page) runs as part of the API. The API host/port must be accessible to the web console.
Note You need to log in before you can comment on or make changes to this bug.