[openstack-dev] [horizon] Keystone token expiration causes user to be logged out

Lin Hua Cheng os.lcheng at gmail.com
Wed Apr 15 00:25:29 UTC 2015

That is the expected behavior. Horizon does not support extendable session

>From my understanding on that spec, it would require Horizon to store only
the unscoped token and request for extension of that from keystone.

Horizon is currently dependent on the project scoped token and store that
in the session.

We have to make changes in how project scoped token is managed in Horizon
and just store the unscoped token to support that feature.


On Tue, Apr 14, 2015 at 4:26 PM, Brad Pokorny <Brad_Pokorny at symantec.com>

> Hi all,
> When a user is logged into Horizon and the Keystone token expires, I'm
> seeing that the user gets logged out, even though the web session hasn't
> expired.  After some searching around and finding [1], it looks like this
> is expected, as the implementation of Session Extendable Tokens would allow
> applications such as Horizon to fetch another token when the existing token
> expires.
> Is there anything I've missed in the Horizon implementation that would
> currently allow extension of the token?
> [1]
> https://blueprints.launchpad.net/keystone/+spec/session-extendable-tokens
> Thanks,
> Brad
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150414/9692f41b/attachment.html>

More information about the OpenStack-dev mailing list