Bug #26087

closed

Brute-force attack causes looping for logged-in user in Foreman

Added by Dominik Hlavac Duran about 6 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Normal
Category:
Authentication
Target version:
-
Difficulty:
Triaged:
Yes
Fixed in Releases:
Found in Releases:

Description

Description of problem:
When I'm logged in to the UI and somebody triggers the brute-force attack protection by the number of failed UI logins, my session hangs in an infinite reload loop.

Version-Release number of selected component (if applicable):
satellite-6.5.0-5.beta.el7sat.noarch

How reproducible:
always

Steps to Reproduce:
1. Log in to UI
2. Make sure Settings -> Authentication -> failed_login_attempts_limit is set to the default 30 (or set it to some lower, non-0 number)
3. In a different browser/browser profile, trigger the brute-force attack protection by the number of failed UI logins (you need to do it in under 5 minutes, which is the default timeout)
4. Note how your original UI session from step 1 looks now

Actual results:
The original UI session is in an infinite reload loop.

Expected results:
Either the original session remains functional (preferred) or the user is notified that brute-force attack protection was activated and that he should investigate the results and try again later.

Additional info:
Since this way I can disconnect any user from Satellite without having any valid Satellite or OS account, should this be considered a security issue?
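For comparison with the expected result above, the following is an added illustration (not Foreman's or Satellite's own code) of a login throttle that uses the report's quoted defaults (30 failures in a 5 minute window) but gates only new login attempts, keyed on the attempting source address, so already authenticated sessions are never affected. The class and method names, the in-memory user table and the session tokens are all constructed for this example.

```ruby
# Added example, not Foreman's code: a per-source failed-login throttle whose
# lockout applies only to the login endpoint, never to existing sessions.
class LoginThrottle
  def initialize(limit: 30, window_seconds: 300)
    @limit = limit
    @window = window_seconds
    @failures = Hash.new { |h, k| h[k] = [] }  # source address => timestamps
  end

  # Expire failures older than the window, then check the remaining count.
  def locked?(source, now = Time.now)
    @failures[source].reject! { |t| now - t > @window }
    @failures[source].size >= @limit
  end

  # Failures are counted against the attempting source, not the targeted
  # account, so a third party cannot lock the account's owner out.
  def record_failure(source, now = Time.now)
    @failures[source] << now
  end
end

# Authenticated sessions live in their own store; validating a session never
# consults the throttle, so a lockout cannot evict a logged-in user.
class SessionStore
  def initialize
    @sessions = {}
  end

  def create(user)
    token = "session-#{user}-#{@sessions.size}"  # constructed token, not secure
    @sessions[token] = user
    token
  end

  def user_for(token)
    @sessions[token]
  end
end

# Login endpoint: the throttle gate applies only here. Credentials are checked
# against a constructed in-memory table (an assumption for this example).
USERS = { 'admin' => 'correct horse' }.freeze

def attempt_login(throttle, sessions, source, user, password, now = Time.now)
  return [:locked, nil] if throttle.locked?(source, now)
  if USERS[user] == password
    [:ok, sessions.create(user)]
  else
    throttle.record_failure(source, now)
    [:denied, nil]
  end
end
```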
