View Issue Details

IDProjectCategoryView StatusLast Update
0000496RackTablesdefaultpublic2016-12-14 21:04
Reporterracktabler 
Assigned Toandriyanov 
PrioritynormalSeveritymajorReproducibilityalways
Status assignedResolutionopen 
Product Version0.19.10 
Target VersionFixed in Version 
Summary0000496: logout did not work as expected
DescriptionWhen i click "here" to logout i get the Login Prompt as expected. If i cancle that i get the "This system requires authentication. You should use a username and a password." message. But now i can use the browser back button and i don't have to login again, the previous logged out user is login in again without entering any username and password.

Logout only works correctly if i use Firefox.
With Opera and IE logout doesn't work.
TagsNo tags attached.

Relationships

has duplicate 0001579 closed Logout Loop after initial installation 

Activities

infrastation

2012-02-18 08:27

administrator   ~0000614

Alexey, could you check with your browsers? Thank you.

hg-xing

2012-04-13 10:08

reporter   ~0000644

Hi,

I can verfiy this bug with svn version 5042.

Chrome and Firefox correctly purge their authorization caches after receiving a 401 status. However Opera and IE (didn't verify the last one) don't do that. The problem arises because every page in racktables can handle http based authorization ( not just one login page ).

infrastation

2012-04-15 08:48

administrator   ~0000645

Hannes, Alexey, can you replace HTTP authentication with a login form and cookie?

suyashjain

2014-06-12 18:52

reporter   ~0002351

i am facing the same issue with firefox also.while i logout in chrome , it works but logout actually does not happen and i am able to go inside. i am using the latest version

lhamilton1807

2014-08-06 19:55

reporter   ~0002439

While using Chrome and 0.20.8 I can hit the [logout] link, but then it immediately asks for my user/pass again. However, it won't authenticate even when I enter a valid username and password. I have to click the logout link, close the tab, and then open a new one to log in again. It obviously logs me out, but the authentication prompt should either (a) work after logging out or (b) return me to a login page. I personally think a login page w/cookies would be a good way to go.

tleavitt

2016-01-13 21:06

reporter   ~0003103

I ran into this on Firefox 43.0.4, and in Chrome Version 47.0.2526.106 m
 as well.

With Firefox, hitting "logout" would take me to the root of the server http://servername/?logout, and wouldn't actually log me out. Then I had problems actually authenticating to get back in if it did (just kept on prompting me to login, even when I was entering copy / pasted credentials that I knew were correct). In Chrome, after I logged out, I couldn't log back in again until I had cleared the browser settings.

This is a show stopper for deployment. The folks where I'm looking at putting this into production are leery of "unsupported" open source software, and are all about "ease of use". I can use this myself with the workarounds, but I can't share this out.

racktabler

2016-01-14 09:06

reporter   ~0003105

see
https://github.com/RackTables/racktables/pull/107
for possible solution

racktabler

2016-06-01 15:22

reporter   ~0003215

While testing another feature i again stumbled upon this annoying logout behaviour.
Any progess on this?

kiweegie

2016-12-14 20:26

reporter   ~0003523

Last edited: 2016-12-14 21:04

View 2 revisions

I am seeing this on version 0.20.11 newly installed on Ubuntu 14.04.5.

Browers tested on a Windows 10 64bit laptop

Firefox 50.0.2
Chrome 54.0.2840.99 m (64-bit)
Internet Explorer 11.0.10240.16384

Symptoms:

On Firefox and Chrome clicking the logout takes me from http://racktables-server/racktables to http://racktables-server/logout?
Clicking back button takes me back to logged in status (as admin). Changing URL manually does the same.

On Internet Explorer the logout button just doesn't work - is not clickable.

I have tried this on a vanilla setup using

$user_auth_src = 'database';
$require_local_account = TRUE;

And an attempt at LDAP setup using

$user_auth_src = 'ldap';
$require_local_account = FALSE;

I've read through the wiki under both local auth and the Shibboleth sections but as local authentication is doing this I assume a bug? If it *is* expected behaviour then a message about it in the wiki along with a suggested workaround (in laymans terms) would benefit users. User tleavitt mentions workaround but i've not found what that workaround is - if anyone would care to share?

regards Kiweegie.

Issue History

Date Modified Username Field Change
2011-12-07 08:31 racktabler New Issue
2012-02-18 08:27 infrastation Status new => assigned
2012-02-18 08:27 infrastation Assigned To => andriyanov
2012-02-18 08:27 infrastation Note Added: 0000614
2012-04-13 10:08 hg-xing Note Added: 0000644
2012-04-15 08:48 infrastation Note Added: 0000645
2014-06-12 18:52 suyashjain Note Added: 0002351
2014-08-06 19:55 lhamilton1807 Note Added: 0002439
2016-01-13 21:06 tleavitt Note Added: 0003103
2016-01-14 09:06 racktabler Note Added: 0003105
2016-01-30 04:05 adoom42 Relationship added has duplicate 0001579
2016-06-01 15:22 racktabler Note Added: 0003215
2016-12-14 20:26 kiweegie Note Added: 0003523
2016-12-14 21:04 kiweegie Note Edited: 0003523 View Revisions