Project

General

Profile

Actions

Bug #17854

closed

When user is deleted and they still have an active session in browser, they are not logged out

Added by Tomer Brisker over 7 years ago. Updated over 7 years ago.

Status:
Duplicate
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
-
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1208419

Description of problem:

When user is deleted while they still have an active session in browser and they access Satellite again, message

Dashboard Not Found
Please try to update your request
[ Back ]

is shown. Clicking back or reload does not help. Even even visiting /users/logout does not help, I get

The page you were looking for doesn't exist.
You may have mistyped the address or the page may have moved.

on the URL.

What helps is visiting /users/login and logging in as different user.

Version-Release number of selected component (if applicable):

Satellite 6.1.0.

How reproducible:

Deterministic.

Steps to Reproduce:
1. Be admin, create user bob, set password to bob.
2. In different browser, log in as bob.
3. In the first browser, as admin, delete user bob.
4. In the second browser, go to Satellite's URL.

Actual results:

Dashboard Not Found
Please try to update your request
[ Back ]

Expected results:

Logon page, perhaps with some message "your session has expired".

Additional info:


Related issues 1 (0 open1 closed)

Is duplicate of Foreman - Bug #16514: When user is deleted and they still have an active session in browser, Dashboard Not Found error is shownClosedKavita Gaikwad09/12/2016Actions
Actions #1

Updated by Tomer Brisker over 7 years ago

  • Subject changed from When user is deleted and they still have an active session in browser, Dashboard Not Found error is shown to When user is deleted and they still have an active session in browser, they are not logged out

More significant issue here is that when deleting a user their active sessions are not removed and thus not logged out.

Actions #2

Updated by Tomer Brisker over 7 years ago

  • Status changed from New to Duplicate
Actions #3

Updated by Tomer Brisker over 7 years ago

  • Is duplicate of Bug #16514: When user is deleted and they still have an active session in browser, Dashboard Not Found error is shown added
Actions

Also available in: Atom PDF