Horizon drops path when redirecting to login page after session expires

Bug #1243187 reported by Daniel Speichert on 2013-10-22
54
This bug affects 11 people
Affects Status Importance Assigned to Milestone
horizon (Ubuntu)
High
James Page
Trusty
High
James Page

Bug Description

Horizon has the following default settings:
# Default Ubuntu apache configuration uses /horizon as the application root.
# Configure auth redirects here accordingly.
LOGIN_URL='/horizon/auth/login/'
LOGIN_REDIRECT_URL='/horizon'

When there is a permission problem, Horizon correctly redirects to:
https://example.com/horizon/auth/login/?next=/horizon/admin/

However, when session expires, Horizon redirects to:
https://example.com/auth/logout/?next=/horizon/

This doesn't work - note missing /horizon/ in the path.

Package: python-django-horizon
State: installed
Automatically installed: yes
Version: 1:2013.2~rc3-0ubuntu1~cloud0

Daniel Speichert (dasp) wrote :

The issue can be fixed by adding:
LOGIN_REDIRECT_URL='/horizon/'
to /etc/openstack-dashboard/local_settings.py

no longer affects: horizon
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in horizon (Ubuntu):
status: New → Confirmed
Changed in horizon (Ubuntu):
assignee: nobody → Anuj Deshpande (anujdeshpande92)
Changed in horizon (Ubuntu):
assignee: Anuj Deshpande (anujdeshpande92) → nobody
Kymil-arcadia (kymil-arcadia) wrote :

So this is a real bug right, and not just a missing config? I think Daniel's comment, while a solid attempt at resolving the problem, makes this a bit unclear.

I have the config set, and I still have the exact problem described in the bug report.

/etc/openstack-dashboard/local_settings.py
LOGIN_URL='/horizon/auth/login/'
LOGIN_REDIRECT_URL='/horizon'

Still, when my sessions time out, the browser attempts to go to:
http://myurl.com/auth/logout/?next=/horizon/project/

Instead of:
http://myurl.com/horizon/auth/logout/?next=/horizon/project/

Thanks!!

Kymil-arcadia (kymil-arcadia) wrote :

Okay, I think I got this fixed. Maybe this is what Daniel meant to type.

I made the following modification and now the timeout redirect appears to work as it should.

/etc/openstack-dashboard/local_settings.py
LOGOUT_URL='/horizon/auth/logout/'

Daniel Speichert (dasp) wrote :

Thanks Kymil-arcadia for pointing out my mistake - reading my own comment again I can't figure out the sense of my solution.

So here is the full story:
By default, /etc/openstack-dashboard/local_settings.py has the following lines:

LOGIN_URL='/horizon/auth/login/'
LOGIN_REDIRECT_URL='/horizon/'

It is necessary to change them to:

LOGIN_URL='/horizon/auth/login/'
LOGOUT_URL='/horizon/auth/logout/'
LOGIN_REDIRECT_URL='/horizon/'

Adding that one extra LOGOUT_URL that you also mentioned. Without that line, Horizon doesn't add the /horizon/ part of the URL, which is required.

James Page (james-page) on 2014-03-07
Changed in horizon (Ubuntu Trusty):
assignee: nobody → James Page (james-page)
importance: Undecided → High
status: Confirmed → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package horizon - 1:2014.1~b3-0ubuntu2

---------------
horizon (1:2014.1~b3-0ubuntu2) trusty; urgency=medium

  * Ensure correct URL is used for logout/timeout (LP: #1243187):
    - d/p/ubuntu_settings.patch: Update LOGOUT_URL for /horizon prefix.
  * Ensure Apache configuration is backwards compatible with Apache 2.2
    (LP: #1292577):
    - d/openstack-dashboard.conf: Revert changes from 1:2014.1~b2-0ubuntu2.
 -- James Page <email address hidden> Fri, 14 Mar 2014 16:21:00 +0000

Changed in horizon (Ubuntu Trusty):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers