Description of problem: While having another user except of admin@internal logged-in into engine (admin@internal into Webadmin, a domain user into User Portal), 'Terminate Session' action of the domain user does not causes the user to be logged-off. The domain user's session reappears in the session list in a while as well. Version-Release number of selected component (if applicable): ovirt-engine-backend-4.0.0-0.7.master.el7ev.noarch How reproducible: 100% Steps to Reproduce: 1. login into Webadmin as admin@internal 2. login to User Portal as a domain user of a "registered" domain (another browser) 3. check 'Active User Sessions' in Webadmin 4. 'Terminate Session' of the domain user (confirm) 5. observe what happens Actual results: the domain user is not logged-off from his own browser session the domain user's session reappears again in the sessions list Expected results: the domain user should be forcibly logged-off the domain user's session should not be present in the sessions list after the action Additional info: pnovotny@ said it works ok in 3.6.x
Not sure if really relevant: ~~~ 2016-05-27 12:16:29,490 INFO [org.ovirt.engine.core.bll.aaa.CreateUserSessionCommand] (default task-3) [63187b2b] Running command: CreateUserSessionCommand(Email = null, GroupIds = [], PrincipalName = ad-w2k8r2.com, AdminRequired = false, ProfileName = ad-w2k8r2.example.com, PrincipalId = KqAXTzGX9UaxSaIuawL4ug==, SsoToken = kaID0aHwCx1JlwIbPjCNtHvdpnf9hrSiJ3TTz_nYIcGm6tAbqaGQxAs0VEx7zoROAzQoevTKag2nIJfMfiDr4Q, SourceIp = 10.34.130.216) internal: false. # grep 'TerminateSessionForTokenCommand' /var/log/ovirt-engine/engine.log | tail -n1 # ~~~
This bug report has Keywords: Regression or TestBlocker. Since no regressions or test blockers are allowed between releases, it is also being identified as a blocker for this release. Please resolve ASAP.
*** This bug has been marked as a duplicate of bug 1340471 ***