[openstack-dev] [horizon] Keystone token expiration causes user to be logged out

Morgan Fainberg morgan.fainberg at gmail.com
Wed Apr 15 00:47:35 UTC 2015

On Tue, Apr 14, 2015 at 5:25 PM, Lin Hua Cheng <os.lcheng at gmail.com> wrote:

> That is the expected behavior. Horizon does not support extendable session
> token.
> From my understanding on that spec, it would require Horizon to store only
> the unscoped token and request for extension of that from keystone.
> Horizon is currently dependent on the project scoped token and store that
> in the session.
> We have to make changes in how project scoped token is managed in Horizon
> and just store the unscoped token to support that feature.
> -Lin
> On Tue, Apr 14, 2015 at 4:26 PM, Brad Pokorny <Brad_Pokorny at symantec.com>
> wrote:
>> Hi all,
>> When a user is logged into Horizon and the Keystone token expires, I'm
>> seeing that the user gets logged out, even though the web session hasn't
>> expired.  After some searching around and finding [1], it looks like this
>> is expected, as the implementation of Session Extendable Tokens would allow
>> applications such as Horizon to fetch another token when the existing token
>> expires.
>> Is there anything I've missed in the Horizon implementation that would
>> currently allow extension of the token?
>> [1]
>> https://blueprints.launchpad.net/keystone/+spec/session-extendable-tokens
>> Thanks,
>> Brad
To add, the session "Extendable" token is not implemented.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150414/916407c5/attachment.html>

More information about the OpenStack-dev mailing list