Bug 1576574 - Successful web console login redirects back to login page
Summary: Successful web console login redirects back to login page
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Management Console
Version: 3.7.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 3.7.z
Assignee: Samuel Padgett
QA Contact: Yadan Pei
Depends On:
TreeView+ depends on / blocked
Reported: 2018-05-09 19:49 UTC by Robert Bost
Modified: 2018-05-11 18:09 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2018-05-11 17:05:13 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 3441131 0 None None None 2018-05-11 18:09:49 UTC

Description Robert Bost 2018-05-09 19:49:53 UTC
Description of problem:

Customer experiencing issue with logging into web console:

- Navigate to web console. Login form is displayed.
- User submits login form. POST request to /login.
- Redirected to /oauth/authorize


** Should redirect to /console/oauth which displays the actual console page where user wants to be.
- However, the /oauth/authorize response redirects to /login again, hence why you see the login page. 
- Here is the 302 response's Location header from /oauth/authorize:


Version-Release number of selected component (if applicable): atomic-openshift-3.7.44-1.git.0.6b061d4.el7.x86_64 

How reproducible: 
Issue is intermittent for customer which leads me to believe master-configs are not consistent. Attaching for the record. 

Steps to Reproduce:
1. Unable to reproduce locally.

Actual results:
Redirected back to /login page

Expected results:
Redirect to /console showing projects, etc.

Comment 2 Yadan Pei 2018-05-10 07:08:07 UTC
Setup a v3.7.44 cluster with 3 masters, 4 nodes and 1 LB on AWS.

1. Access LB URL address
redirect to https://<elb>/login?then=%2Foauth%2Fauthorize%3Fclient_id%3Dopenshift-web-console%26response_type%3Dcode%26state%3DeyJ0aGVuIjoiLyIsIm5vbmNlIjoiMTUyNTkzNTAwNDg2Ni0xOTIwMDI1ODc3MjIxNDc4ODU4MDM3NTY2MzgzNzcxMDU5NDY1MTQ1MjU5NjgyMjUwOTE3OTIxNDU2MzU4MjA2OTAzOTY5MzI2MzQzMDUifQ%26redirect_uri%3Dhttps%253A%252F%252F<elb>%252Fconsole%252Foauth
2. Set username and password
https://<elb>/console/oauth?code=MQaUZZWSnmB3EKgBGPymEtgdIkyEn0bZ99eW2_Ad0AY&state=eyJ0aGVuIjoiLyIsIm5vbmNlIjoiMTUyNTkzNTAwNDg2Ni0xOTIwMDI1ODc3MjIxNDc4ODU4MDM3NTY2MzgzNzcxMDU5NDY1MTQ1MjU5NjgyMjUwOTE3OTIxNDU2MzU4MjA2OTAzOTY5MzI2MzQzMDUifQ and authorize code returned
3. Login successfully and didn't redirect to login page again

didn't reproduce the issue locally too.

Comment 4 Robert Bost 2018-05-11 17:05:13 UTC
Issue appears to have been due to mismatching /etc/origin/master/session-secrets.yaml on one of the maters.

Note You need to log in before you can comment on or make changes to this bug.