Bug 798960 - After Session time out any activity on cloudForms should reload the url of login page
After Session time out any activity on cloudForms should reload the url of lo...
Status: CLOSED ERRATA
Product: CloudForms Cloud Engine
Classification: Red Hat
Component: aeolus-conductor (Show other bugs)
1.0.0
Unspecified Unspecified
medium Severity medium
: beta3
: ---
Assigned To: Scott Seago
wes hayutin
: Triaged
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-03-01 06:36 EST by Shveta
Modified: 2012-12-04 09:57 EST (History)
13 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
The URL did not refresh to the login page after a session timeout. This bug fix updates the JavaScript of Conductor to add in automation. After a session timeout, the user is redirected to the login page and then, once authenticated, the user is redirected to the link that was requested.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-12-04 09:57:30 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
session_time_out (229.23 KB, image/png)
2012-03-01 06:36 EST, Shveta
no flags Details

  None (edit)
Description Shveta 2012-03-01 06:36:47 EST
Created attachment 566824 [details]
session_time_out

Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Install aeolus and click cloud resource provider
2. Leave it inactive for 15 mins minimum
3. After 15 mins , click on accounts , the url doesn't refresh and the page shown in attached screenshot is launched.
  
Actual results:


Expected results:


Additional info:

rpm -qa|grep aeolus
aeolus-conductor-doc-0.8.0-39.el6.noarch
aeolus-configure-2.5.0-16.el6.noarch
rubygem-aeolus-image-0.3.0-10.el6.noarch
aeolus-conductor-0.8.0-39.el6.noarch
rubygem-aeolus-cli-0.3.0-12.el6.noarch
aeolus-all-0.8.0-39.el6.noarch
aeolus-conductor-daemons-0.8.0-39.el6.noarch
Comment 1 wes hayutin 2012-03-01 10:23:52 EST
So.. this bug may be blocking automation.. and our ability to quickly qualify builds.

There is another login issue that I will open up a bug on and paste here too
Comment 2 Matt Wagner 2012-03-01 17:37:34 EST
Note that there was much discussion the other day after the "session timeout" fix was pushed, and the consensus was that it was a new feature/enhancement, not a bugfix, so that it should not have been done. The fact that it's causing problems makes me think that the correct fix is to revert that bug, not to fix this issue. But that's just MHO.
Comment 3 Matt Wagner 2012-03-01 17:38:05 EST
Err, "revert that patch," not "revert that bug." Freudian slip.
Comment 4 wes hayutin 2012-03-01 20:41:08 EST
(In reply to comment #2)
> Note that there was much discussion the other day after the "session timeout"
> fix was pushed, and the consensus was that it was a new feature/enhancement,
> not a bugfix, so that it should not have been done. The fact that it's causing
> problems makes me think that the correct fix is to revert that bug, not to fix
> this issue. But that's just MHO.

I'm fine either way.. I know in bug triage Hugh wanted the session timeout in.
We can revisit the issue next triage
Comment 5 Angus Thomas 2012-03-02 08:32:41 EST
The correct behaviour when a user clicks on a link, after the session has timed out, is to load the login page, so that the user can authenticate for a new session.
Comment 6 Matt Wagner 2012-03-02 15:12:40 EST
Patch on list: http://lists.fedorahosted.org/pipermail/aeolus-devel/2012-March/009365.html

Note that issue 799421 is tangentially related, in that it is also caused by 794536's introduction.
Comment 7 Matt Wagner 2012-03-06 10:23:49 EST
This has a patch posted, but it's out of scope for this release since the timeout has been reverted. Moving back to NEW and assigning to athomas as default assignee for now.
Comment 10 Angus Thomas 2012-08-10 10:47:15 EDT
The correct behaviour, once a user has gone through the login page, is to take them to the page in the application which corresponds to the URL they originally clicked on, rather than to the usual landing page after login.
Comment 11 Mike Orazi 2012-08-13 10:44:30 EDT
Can the patch mentioned above to applied easily to the tree?
Comment 12 Matt Wagner 2012-08-13 11:36:06 EDT
This patch is now part of the patch adding session expiry, and does work. So this will be all set once the patch is ACKed and pushed.
Comment 13 Scott Seago 2012-08-31 15:38:12 EDT
Moving this to modified as it's apparently already done.
Comment 15 pushpesh sharma 2012-09-18 09:13:54 EDT
After Session time-out redirected to login-page and with valid credentials redirected to link user asked for. 

Verified on:-

[root@dhcp201-113 ~]# rpm -qa|grep aeolus
aeolus-conductor-doc-0.13.7-1.el6cf.noarch
aeolus-all-0.13.7-1.el6cf.noarch
rubygem-aeolus-cli-0.7.1-1.el6cf.noarch
aeolus-configure-2.8.6-1.el6cf.noarch
rubygem-aeolus-image-0.3.0-12.el6.noarch
aeolus-conductor-0.13.7-1.el6cf.noarch
aeolus-conductor-daemons-0.13.7-1.el6cf.noarch
Comment 18 errata-xmlrpc 2012-12-04 09:57:30 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHEA-2012-1516.html

Note You need to log in before you can comment on or make changes to this bug.