User is not logged out once his token is revoked by keystone
Bug #1086189 reported by Kieran Spear
This bug report is a duplicate of:
Bug #1252341: Horizon crashes when removing logged user from project.
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
OpenStack Dashboard (Horizon) | In Progress | Low | Paul Karikh | |
django-openstack-auth | Invalid | Undecided | Unassigned | |
Bug Description
Once a user's token is revoked (due to, for example, reducing the user's set of roles in the current tenant), on the next request he is not logged out, but instead gets a bunch of 'Unauthorized' errors. Not redirecting the user to the log-in page in that case does not make sense, because he can't do anything useful without a valid token.
Changed in horizon:
milestone: grizzly-2 → grizzly-3
Changed in horizon:
milestone: grizzly-3 → none
Changed in django-openstack-auth:
importance: Undecided → Low
status: New → Confirmed
Changed in horizon:
assignee: nobody → Vlad Okhrimenko (vokhrimenko)
Changed in django-openstack-auth:
assignee: nobody → Vlad Okhrimenko (vokhrimenko)
That's probably a reasonable compromise. There are two things to avoid, though:
1. Piling up lots of extra API calls on every request,
2. Adding API calls (which may fail or time out in broken deployments) to routes which must never fail (e.g. logout).
As such it's important to be careful *where* and *how* the extra checks get added.
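One way to meet both constraints from the comment above, as an added sketch that is not code from Horizon or django-openstack-auth: positive validation results are cached for a short TTL so most requests make no extra API call, and logout/login routes are never checked. The class name `TokenGuard`, the `validate` callable (a stand-in for a Keystone token check), the route prefixes and the 60-second TTL are all assumptions.

```python
import time

# Assumed route prefixes that must never depend on a remote call.
EXEMPT_PREFIXES = ("/auth/logout/", "/auth/login/")


class TokenGuard:
    """Decides per request whether the session's token is still usable."""

    def __init__(self, validate, ttl=60.0, clock=time.monotonic):
        self.validate = validate  # hypothetical: token -> bool, may raise
        self.ttl = ttl            # seconds a positive result is trusted
        self.clock = clock
        self._last_ok = {}        # token -> time of last successful check

    def decide(self, path, token):
        """Return "pass" or "logout" for a request to `path`."""
        if path.startswith(EXEMPT_PREFIXES):
            return "pass"         # constraint 2: no API call on logout/login
        now = self.clock()
        last = self._last_ok.get(token)
        if last is not None and now - last < self.ttl:
            return "pass"         # constraint 1: reuse the recent result
        try:
            valid = self.validate(token)
        except Exception:
            # Identity service down or slow: keep the session and retry
            # on the next request. The backing APIs still reject a revoked
            # token, so this only delays the redirect.
            return "pass"
        if not valid:
            return self.on_unauthorized(token)
        self._last_ok[token] = now
        return "pass"

    def on_unauthorized(self, token):
        """Call when a backend API answers 'Unauthorized' for this token."""
        self._last_ok.pop(token, None)
        return "logout"           # caller flushes the session, redirects to login
```

Calling `on_unauthorized` from the handler for a backend 'Unauthorized' response covers the case in the bug description with no additional API calls at all; the TTL check only shortens the time until the redirect.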