Error when deleting multiple tokens on logout
Bug #1108393 reported by
Lin Hua Cheng
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Dashboard (Horizon) |
Fix Released
|
Undecided
|
Lin Hua Cheng |
Bug Description
On user logout, each token created is iterated and revoked.
On token revocation, it requires a valid token to be passed in the header. If the token used has already been revoked during the for..loop of the token revocation, it throws an exception.
For example:
There are token#1, token#2 and token#3 stored in session, and token#2 is stored in the auth_token of the client code. By the time the application tries to revoke token#3, token#2 has already been revoked and cannot be used to revoke token#3.
Changed in horizon: | |
assignee: | nobody → Lin Hua Cheng (lin-hua-cheng) |
Changed in horizon: | |
milestone: | none → grizzly-3 |
status: | Fix Committed → Fix Released |
Changed in horizon: | |
milestone: | grizzly-3 → 2013.1 |
To post a comment you must log in.
Fix proposed at: https:/ /github. com/gabrielhurl ey/django_ openstack_ auth/pull/ 20