OpenStack Dashboard (Horizon)

Nothing is forcing to logout when admin user update his own password

Bug #1155429 reported by Zhenguo Niu
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Dashboard (Horizon)
Fix Released
Medium
Zhenguo Niu
OpenStack Dashboard (Horizon) 2013.2 "havana"

Bug Description

when admin user update his password, user's current token will be invalidated and they won't be able to do anything else in the dashboard.

Zhenguo Niu (niu-zglinux)
Changed in horizon:
assignee: nobody → 牛振国 (niu-zglinux)
Victoria Martinez de la Cruz (vkmc)
Changed in horizon:
status: New → Confirmed
Revision history for this message
Victoria Martinez de la Cruz (vkmc) wrote :

That's a serious thing!

Here I attach the output trace when reproducing this.

###

Unauthorized at /admin/users/
Unable to communicate with identity service: {"error": {"message": "Could not find token: b0a0589b41cc4cf092a6d9bb00757a15", "code": 401, "title": "Not Authorized"}}. (HTTP 401)

Request Method: GET
Request URL: http://192.168.122.198/admin/users/
                                Django Version: 1.4.5
Exception Type: Unauthorized
Exception Value: Unable to communicate with identity service: {"error": {"message": "Could not find token: b0a0589b41cc4cf092a6d9bb00757a15", "code": 401, "title": "Not Authorized"}}. (HTTP 401)
Exception Location: /opt/stack/python-keystoneclient/keystoneclient/client.py in request, line 366
Python Executable: /usr/bin/python
Python Version: 2.7.3
Python Path:
['/opt/stack/horizon/openstack_dashboard/wsgi/../..',
 '/opt/stack/python-keystoneclient',
 '/opt/stack/python-novaclient',
 '/opt/stack/python-openstackclient',
 '/opt/stack/keystone',
 '/opt/stack/glance',
 '/opt/stack/python-glanceclient/setuptools_git-1.0b1-py2.7.egg',
 '/opt/stack/python-glanceclient',
 '/opt/stack/nova',
 '/usr/local/lib/python2.7/dist-packages/requests-0.14.2-py2.7.egg',
 '/opt/stack/horizon',
 '/opt/stack/cinder',
 '/opt/stack/python-cinderclient',
 '/opt/stack/tempest',
 '/opt/stack/swift',
 '/opt/stack/python-swiftclient',
 '/opt/stack/python-quantumclient',
 '/opt/stack/quantum',
 '/usr/local/lib/python2.7/dist-packages',
 '/usr/lib/python2.7',
 '/usr/lib/python2.7/plat-linux2',
 '/usr/lib/python2.7/lib-tk',
 '/usr/lib/python2.7/lib-old',
 '/usr/lib/python2.7/lib-dynload',
 '/usr/lib/python2.7/dist-packages',
 '/usr/lib/python2.7/dist-packages/PIL',
 '/usr/lib/pymodules/python2.7',
 '/opt/stack/horizon/openstack_dashboard']
Server time: Fri, 15 Mar 2013 13:39:14 +0000

Revision history for this message
Gabriel Hurley (gabriel-hurley) wrote :

I'm not entirely convinced of the right solution here yet, but we should definitely do something in this case.

Changed in horizon:
importance: Undecided → Medium
milestone: none → havana-1
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to horizon (master)

Fix proposed to branch: master
Review: https://review.openstack.org/24878

Changed in horizon:
status: Confirmed → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to horizon (master)

Reviewed: https://review.openstack.org/24878
Committed: http://github.com/openstack/horizon/commit/d35f863ff6704c1eea0c22c8ace95dcf8d164c04
Submitter: Jenkins
Branch: master

commit d35f863ff6704c1eea0c22c8ace95dcf8d164c04
Author: Zhenguo Niu <email address hidden>
Date: Wed Mar 20 14:26:24 2013 +0800

    Add a logout when admin user update his own password.

    Fixes bug 1155429

    Change-Id: I166848bfe2d83e8b6cfb825476040215c0821302

Changed in horizon:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in horizon:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in horizon:
milestone: havana-1 → 2013.2
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.