[openstack-dev] [horizon] Keystone token expiration causes user to be logged out
Morgan Fainberg
morgan.fainberg at gmail.com
Wed Apr 15 00:47:35 UTC 2015
On Tue, Apr 14, 2015 at 5:25 PM, Lin Hua Cheng <os.lcheng at gmail.com> wrote:
>
> That is the expected behavior. Horizon does not support extendable session
> token.
>
> From my understanding on that spec, it would require Horizon to store only
> the unscoped token and request for extension of that from keystone.
>
> Horizon is currently dependent on the project scoped token and store that
> in the session.
>
> We have to make changes in how project scoped token is managed in Horizon
> and just store the unscoped token to support that feature.
>
> -Lin
>
> On Tue, Apr 14, 2015 at 4:26 PM, Brad Pokorny <Brad_Pokorny at symantec.com>
> wrote:
>
>> Hi all,
>>
>> When a user is logged into Horizon and the Keystone token expires, I'm
>> seeing that the user gets logged out, even though the web session hasn't
>> expired. After some searching around and finding [1], it looks like this
>> is expected, as the implementation of Session Extendable Tokens would allow
>> applications such as Horizon to fetch another token when the existing token
>> expires.
>>
>> Is there anything I've missed in the Horizon implementation that would
>> currently allow extension of the token?
>>
>> [1]
>> https://blueprints.launchpad.net/keystone/+spec/session-extendable-tokens
>>
>> Thanks,
>> Brad
>>
>>
To add, the session "Extendable" token is not implemented.
--Morgan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150414/916407c5/attachment.html>
More information about the OpenStack-dev
mailing list