Bug #17854

When user is deleted and they still have an active session in browser, they are not logged out

Added by Tomer Brisker 12 months ago. Updated 12 months ago.

Status:Duplicate
Priority:Normal
Assigned To:-
Category:Security
Target version:-
Difficulty: Bugzilla link:1208419
Found in release: Pull request:
Story points-
Velocity based estimate-

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1208419

Description of problem:

When user is deleted while they still have an active session in browser and they access Satellite again, message

Dashboard Not Found
Please try to update your request
[ Back ]

is shown. Clicking back or reload does not help. Even even visiting /users/logout does not help, I get

The page you were looking for doesn't exist.
You may have mistyped the address or the page may have moved.

on the URL.

What helps is visiting /users/login and logging in as different user.

Version-Release number of selected component (if applicable):

Satellite 6.1.0.

How reproducible:

Deterministic.

Steps to Reproduce:
1. Be admin, create user bob, set password to bob.
2. In different browser, log in as bob.
3. In the first browser, as admin, delete user bob.
4. In the second browser, go to Satellite's URL.

Actual results:

Dashboard Not Found
Please try to update your request
[ Back ]

Expected results:

Logon page, perhaps with some message "your session has expired".

Additional info:


Related issues

Duplicates Foreman - Bug #16514: When user is deleted and they still have an active sessio... Closed 09/12/2016

History

#1 Updated by Tomer Brisker 12 months ago

  • Subject changed from When user is deleted and they still have an active session in browser, Dashboard Not Found error is shown to When user is deleted and they still have an active session in browser, they are not logged out

More significant issue here is that when deleting a user their active sessions are not removed and thus not logged out.

#2 Updated by Tomer Brisker 12 months ago

  • Status changed from New to Duplicate

#3 Updated by Tomer Brisker 12 months ago

  • Duplicates Bug #16514: When user is deleted and they still have an active session in browser, Dashboard Not Found error is shown added

Also available in: Atom PDF