Description of problem: Normally, when user web session with Satellite WebUI times out, any subsequent click on any link forces login form to appear, and continues after submitting user credentials. Insights doesn't show login form but reports "No systems are registered." instead. Version-Release number of selected component (if applicable): redhat-access-plugin-sat5-2.1.0-54.el6sat How reproducible: always Steps to Reproduce: 1. Make sure you have a few systems registered to Satellite 2. Login to Satellite WebUI and go to Systems->Insights->Setup. List of systems registered to the Satellite is displayed, doesn't matter if they are registered to Insights or not. 3. You can wait for session timeout, or go faster way - open same Satellite page in another browser tab, and logout there. Actual results: Click on Insights->Overview and then Insights->Setup in the original browser tab. Overview page still shows last status message. Setup page shows "No systems are registered" Expected results: Insights should correctly detect that user is not logged in anymore, and display login form instead of misleading info.
Tested with redhat-access-plugin-sat5-2.1.0-56.el6sat. Following the reproducer from the original report, Insights WebUI correctly displays login page when accessing Systems->Insights->Setup page. When accessing Systems->Insights->Overview page, it still displays last status message, logged out user is not detected. Lindani, is it possible to add "user is logged in" detection for Overview page as well?
Radovan, Yes, the overview page issue is known limitation of the current solution - it happens because on that page we pre-load all the *summary* data and never contact the server again - if you attempt to drill down to get more information you should be logged out. Lindani
(In reply to Lindani Phiri from comment #3) > Radovan, > > Yes, the overview page issue is known limitation of the current solution - > it happens because on that page we pre-load all the *summary* data and > never contact the server again - if you attempt to drill down to get more > information you should be logged out. > > Lindani Yes, that's what I thought. Ok, I have checked the overview page. Any other click forces the login form to appear. An attempt to download CSV ends with a message "{"message":"A valid session cookie or valid systemid header was not found on the request."}". Not too elegant, but secure. VERIFIED