Ubuntu
horizon package

Horizon drops path when redirecting to login page after session expires

Bug #1243187 reported by Daniel Speichert
54
This bug affects 11 people
Affects Status Importance Assigned to Milestone
horizon (Ubuntu)
Fix Released
High
James Page
Trusty
Fix Released
High
James Page

Bug Description

Horizon has the following default settings:
# Default Ubuntu apache configuration uses /horizon as the application root.
# Configure auth redirects here accordingly.
LOGIN_URL='/horizon/auth/login/'
LOGIN_REDIRECT_URL='/horizon'

When there is a permission problem, Horizon correctly redirects to:
https://example.com/horizon/auth/login/?next=/horizon/admin/

However, when session expires, Horizon redirects to:
https://example.com/auth/logout/?next=/horizon/

This doesn't work - note missing /horizon/ in the path.

Package: python-django-horizon
State: installed
Automatically installed: yes
Version: 1:2013.2~rc3-0ubuntu1~cloud0

Revision history for this message
Daniel Speichert (dasp) wrote :

The issue can be fixed by adding:
LOGIN_REDIRECT_URL='/horizon/'
to /etc/openstack-dashboard/local_settings.py

no longer affects: horizon
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in horizon (Ubuntu):
status: New → Confirmed
Anuj Deshpande (anujdeshpande)
Changed in horizon (Ubuntu):
assignee: nobody → Anuj Deshpande (anujdeshpande92)
Sphoorti (sphoorti-joglekar)
Changed in horizon (Ubuntu):
assignee: Anuj Deshpande (anujdeshpande92) → nobody
Revision history for this message
Kymil-arcadia (kymil-arcadia) wrote :

So this is a real bug right, and not just a missing config? I think Daniel's comment, while a solid attempt at resolving the problem, makes this a bit unclear.

I have the config set, and I still have the exact problem described in the bug report.

/etc/openstack-dashboard/local_settings.py
LOGIN_URL='/horizon/auth/login/'
LOGIN_REDIRECT_URL='/horizon'

Still, when my sessions time out, the browser attempts to go to:
http://myurl.com/auth/logout/?next=/horizon/project/

Instead of:
http://myurl.com/horizon/auth/logout/?next=/horizon/project/

Thanks!!

Revision history for this message
Kymil-arcadia (kymil-arcadia) wrote :

Okay, I think I got this fixed. Maybe this is what Daniel meant to type.

I made the following modification and now the timeout redirect appears to work as it should.

/etc/openstack-dashboard/local_settings.py
LOGOUT_URL='/horizon/auth/logout/'

Revision history for this message
Daniel Speichert (dasp) wrote :

Thanks Kymil-arcadia for pointing out my mistake - reading my own comment again I can't figure out the sense of my solution.

So here is the full story:
By default, /etc/openstack-dashboard/local_settings.py has the following lines:

LOGIN_URL='/horizon/auth/login/'
LOGIN_REDIRECT_URL='/horizon/'

It is necessary to change them to:

LOGIN_URL='/horizon/auth/login/'
LOGOUT_URL='/horizon/auth/logout/'
LOGIN_REDIRECT_URL='/horizon/'

Adding that one extra LOGOUT_URL that you also mentioned. Without that line, Horizon doesn't add the /horizon/ part of the URL, which is required.

James Page (james-page)
Changed in horizon (Ubuntu Trusty):
assignee: nobody → James Page (james-page)
importance: Undecided → High
status: Confirmed → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package horizon - 1:2014.1~b3-0ubuntu2

---------------
horizon (1:2014.1~b3-0ubuntu2) trusty; urgency=medium

  * Ensure correct URL is used for logout/timeout (LP: #1243187):
    - d/p/ubuntu_settings.patch: Update LOGOUT_URL for /horizon prefix.
  * Ensure Apache configuration is backwards compatible with Apache 2.2
    (LP: #1292577):
    - d/openstack-dashboard.conf: Revert changes from 1:2014.1~b2-0ubuntu2.
 -- James Page <email address hidden> Fri, 14 Mar 2014 16:21:00 +0000

Changed in horizon (Ubuntu Trusty):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.