1851341 – The ipa_session is not destroyed

Bug 1851341 - The ipa_session is not destroyed

Summary: The ipa_session is not destroyed

Keywords:
Status:	CLOSED DUPLICATE of bug 1746944
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	freeipa
Sub Component:
Version:	31
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	IPA Maintainers
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-06-26 09:06 UTC by Roman
Modified:	2020-06-26 09:30 UTC (History)
CC List:	10 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-06-26 09:30:40 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Roman 2020-06-26 09:06:27 UTC

Description of problem:
- How do i destroy the ipa_session by browser?
- How do i destroy the ipa_session by api?

Version-Release number of selected component (if applicable): 4.7.0 (ubuntu)

Steps to Reproduce:
1. Login in the browser(or the api: login_password);
2. Get the ipa_session;
3. Logout from the account (by browser or api: session_logout(it worked in another version freeipa));
4. I can still use the ipa_session further

Actual results:

I can still use the ipa_session further after logout

Expected results:

I cannot use the ipa_session further after logout

Comment 1 Alexander Bokovoy 2020-06-26 09:30:40 UTC

Please do not use bugzilla as a tool to discuss. Please use freeipa-users@ mailing list for general discussion.

I am closing this as a duplicate of what was supposed to be a CVE-2019-14826 but was rejected. Please see reasons there. See also default.conf(5) man page for kinit_lifetime parameter.

*** This bug has been marked as a duplicate of bug 1746944 ***

Note You need to log in before you can comment on or make changes to this bug.