Bug 1329009 - After Session timeout, logging back in takes user to change password page.
Summary: After Session timeout, logging back in takes user to change password page.
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: UI - OPS
Version: 5.6.0
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: GA
: 5.6.0
Assignee: Brian McLaughlin
QA Contact: Jeff Teehan
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-04-20 22:18 UTC by Jeff Teehan
Modified: 2016-06-29 15:52 UTC (History)
11 users (show)

Fixed In Version: 5.6.0.9
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-06-29 15:52:00 UTC
Category: ---
Cloudforms Team: ---
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
Screenshot immediately after timeout/login (70.38 KB, image/png)
2016-05-25 15:35 UTC, Jeff Teehan
no flags Details


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2016:1348 0 normal SHIPPED_LIVE CFME 5.6.0 bug fixes and enhancement update 2016-06-29 18:50:04 UTC

Description Jeff Teehan 2016-04-20 22:18:33 UTC
Description of problem:
When you first arrive at the Login screen, you type the user name, hit tab, type the password and hit enter.  It takes you to the dashboard.

When the UI session times out, repeating the same steps takes you to the change password page.

Somehow, the focus for enter is set to the Change Password link rather than the Login button.  Logging out does not cause this to happen, and you can ctrl-refresh the page and it won't happen.

Version-Release number of selected component (if applicable):
5.6.0.1 Beta 2

How reproducible:
Always under the exact steps below.

Steps to Reproduce:
1.  Go to appliance and log in.
2.  Wait for appliance UI session to timeout (default = 60 minutes)
3.  After 61 minutes, click any tab in the UI.
4.  UI takes you to the login screen.
5.  Type username, tab, password, enter.

Actual results:
Takes user to the change password screen.


Expected results:
Login the same as in Step 1.

Additional info:
Not a big deal, just different from 5.5

Comment 2 Jeff Teehan 2016-04-21 18:07:35 UTC
Upon further review, it is the Login button itself that has been rewired to the password update page.

Comment 6 Jeff Teehan 2016-05-03 19:05:28 UTC
Hi Brian,

I don't see this in 5.5.4 either, which is a week newer.  All kinds of problems seem to have disappeared.  I'll ask anewman if he is still seeing it.

I set this Beta2 appliance https://10.16.6.70 to 5 minute timeout.  I'll try it a few times and report back.

Comment 7 Jeff Teehan 2016-05-03 19:22:27 UTC
It's definitely still in my Beta2 on https://10.16.6.70, but not 5.5.4.0

Comment 8 Brian McLaughlin 2016-05-17 13:38:56 UTC
Jeff, I've only been able to reproduce it on your appliance, but not my own instances of a Beta2 appliance or 5.6.0.6 appliance.  Any chance you could retest in a more recent build?

Comment 9 Jeff Teehan 2016-05-25 15:35:16 UTC
Created attachment 1161487 [details]
Screenshot immediately after timeout/login

Screenshot immediately after timeout/login

Comment 10 Jeff Teehan 2016-05-25 15:37:00 UTC
Same in 5.6.0.7  If it was just me, I'd say it's just me.  But I'm not the one who originally found it.  I added a screenshot, because if you look at the URL, it doesn't think it's at the change password screen.  It thinks it went home to the dashboard.  Might be a clue.

Comment 13 CFME Bot 2016-05-26 18:45:31 UTC
New commit detected on ManageIQ/manageiq/master:
https://github.com/ManageIQ/manageiq/commit/4c10ecf65b94b437b100ff90cb18615518c6e192

commit 4c10ecf65b94b437b100ff90cb18615518c6e192
Author:     Martin Hradil <mhradil>
AuthorDate: Thu May 26 17:51:17 2016 +0000
Commit:     Martin Hradil <mhradil>
CommitDate: Thu May 26 17:51:17 2016 +0000

    session[:start_url] - save the actual path, instead of controller & action & id
    
    Because sometimes you also need the actual params..
    
    When clicking the main menu (1st level), if the session has already timed out, only `/dashboard/maintab` would be saved, instead of eg. `/dashbard/maintab?tab=svc`..
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1329009

 app/controllers/application_controller.rb | 2 +-
 spec/requests/auth_spec.rb                | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

Comment 14 Jeff Teehan 2016-05-26 18:54:32 UTC
Nice work.  I'll put this on the hot seat.  Thanks team.

Comment 15 Jeff Teehan 2016-06-03 20:12:51 UTC
Verified in 5609 using https://10.16.7.233

Thanks again for the second look.

Comment 17 errata-xmlrpc 2016-06-29 15:52:00 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2016:1348


Note You need to log in before you can comment on or make changes to this bug.