The "request" attribute is not available [1] when the first request happens after a server restart. This means the whole authentication mechanism falls back to "AnonymousUser" and you are getting redirected to the login page due to horizon.exceptions.NotAuthenticated being raised. [2]
The "request" attribute is monkey patched by openstack_auth.utils. [3] But there is nowhere in Horizon where this module is imported at startup. It's only introspected by openstack_dashboarb.urls due to AUTHENTICATION_URLS setting. [4]
This means the monkey patching won't happen until a user requests a page under auth/ which will have the side-effect of monkey patching django.contrib.auth.middleware as expected.
This also means that once a request is done, the session will be restored and you will be properly authenticated if you directly request a page other than auth/.
If you have multiple processes/workers, you will need to hit all of them once to fix the session issue and trigger the monkey patching for all of them.
I managed to identify the issue.
The "request" attribute is not available [1] when the first request happens after a server restart. This means the whole authentication mechanism falls back to "AnonymousUser" and you are getting redirected to the login page due to horizon. exceptions. NotAuthenticate d being raised. [2]
The "request" attribute is monkey patched by openstack_ auth.utils. [3] But there is nowhere in Horizon where this module is imported at startup. It's only introspected by openstack_ dashboarb. urls due to AUTHENTICATION_URLS setting. [4]
This means the monkey patching won't happen until a user requests a page under auth/ which will have the side-effect of monkey patching django. contrib. auth.middleware as expected.
This also means that once a request is done, the session will be restored and you will be properly authenticated if you directly request a page other than auth/.
If you have multiple processes/workers, you will need to hit all of them once to fix the session issue and trigger the monkey patching for all of them.
[1] https:/ /github. com/openstack/ horizon/ blob/a53f012fa1 c0724ee4d532e78 2e6b2fe88ef8fa8 /openstack_ auth/backend. py#L66- L87 /github. com/openstack/ horizon/ blob/a53f012fa1 c0724ee4d532e78 2e6b2fe88ef8fa8 /horizon/ decorators. py#L40- L54 /github. com/openstack/ horizon/ blob/a53f012fa1 c0724ee4d532e78 2e6b2fe88ef8fa8 /openstack_ auth/utils. py#L63 /github. com/openstack/ horizon/ blob/a53f012fa1 c0724ee4d532e78 2e6b2fe88ef8fa8 /openstack_ dashboard/ urls.py# L52
[2] https:/
[3] https:/
[4] https:/