View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
1453 | RackTables | default | public | 2015-03-23 00:27 | 2017-09-11 14:30 |
Reporter | infrastation | Assigned To | |||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | duplicate | ||
Product Version | 0.20.10 | ||||
Summary | 1453: Odd problem when logging out | ||||
Description | (This had been originally reported by Theodore Van Iderstine, it reproduces for me as described below.) I've recently installed version 0.20.10 (but I don't know that it only started with this version.) If I log in using the builtin admin account, without clicking on anything, mouseover of the logout button shows the following: https://logout@host.domain.local/?logout If I click on Rackspace, and then mouseover the logout button, it shows the following: https://logout@host.domain.local/racktables/?logout The installation is on CentOS 6 and the files are under "/var/www/html/racktables". Is this a known bug or do I have likely something misconfigured. | ||||
Tags | No tags attached. | ||||
duplicate of | 496 | closed | infrastation | logout did not work as expected |
+1, and more information: After following (in my case) https://logout@10.x.x.x/?logout , Firefox warns: " You are about to log in to the site "10.x.x.x" with the username "logout", but the website does not require authentication. This may be an attempt to trick you. Is "10.x.x.x" the site you want to visit? " If I confirm Yes, I am shown my Apache 2 Test Page, and I am not prompted for any authentication. From here, when I open https://10.x.x.x/racktables I am not prompted for credentials, and I am already logged in as admin. I observe this in Firefox 36.0.4 and Chrome 41.0.2272.101 m. In IE 11, the 'logout' link does not even appear to have a target. Next step: If I navigate within RackTables, then hover over 'logout,' the link has become https://logout@10.x.x.x/racktables/?logout In Chrome, when I click 'logout,' the page does not change, but I am prompted for credentials. If I decline to provide them, the browser shows "This system requires authentication. You should use a username and a password." If I immediately re-attempt https://10.x.x.x/racktables, I am not prompted for credentials and am already logged in as admin. In Firefox, when I clock 'logout,' the page does not change, but I am prompted for credentials. If I decline to provide them, the browser shows "This system requires authentication. You should use a username and a password" (same as Chrome). But, if I immediately re-attempt https://10.x.x.x/racktables, I am prompted for credentials and must provide them. Summarizing: * If *no* navigation within RackTables is performed after login, the logout URL does not contain the segment "/racktables". When clicking 'logout', the session appears to be not destroyed. * If navigation *is* performed within RackTables, the logout URL *does* contain the segment "/racktables". When clicking 'logout', the session appears to be destroyed in Firefox, but *not* destroyed in Chrome. * No matter what, IE 11 doesn't even realize that 'logout' is a link. |
|
Hi. I am new to racktables. I know the above problem in terms of "won't work with https". I think the main problem is when you switch from http to https. + installed and setup racktables with http -> logout link a bit strange - but works okay + switched to https -> logout link does not work anymore + switched back to http (commenting out lines in site.conf) -> logout link works The messages @pRZelAHkmB78 showed are exactly what happens when switched to https. All example links above use https. So I assume I have exactly the same problem but only when I use https. My question is: what do I have to do to enable racktables logout over https? I attached the different "log out boxes" regarding http (working) and https (not working). Please excuse the use of German language in these images. The text says what @pRZelAHkmB7 wrote. |
|
I think my problem is due to my setup. I run racktables in lxd container with apache reverse proxy. Outside i run https, but inside the container i run only http. This part of the code is causing my problems, because the serving host (in the container) hasn't https running: function showLogoutURL () { $https = (isset ($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 's' : ''; // some more code printf ('http%s://logout@%s%s?logout', $https, $_SERVER['SERVER_NAME'], $dirname); ### I commented setting $https and changed the line to printf ('https://logout@%s%s?logout', $_SERVER['SERVER_NAME'], $dirname); Sorry for the noise! |
|
Finally I was able to reproduce this bug and find why it happens. No solution yet. | |
Bug 496 has the resolution for this problem, all other similar bugs have been marked as duplicate. Closing. | |
Date Modified | Username | Field | Change |
---|---|---|---|
2015-03-23 00:27 | infrastation | New Issue | |
2015-03-30 23:39 | pRZelAHkmB78 | Note Added: 0002803 | |
2015-03-31 00:22 | pRZelAHkmB78 | Note Edited: 0002803 | |
2017-09-06 17:19 | ronator | File Added: Auswahl_833.png | |
2017-09-06 17:19 | ronator | File Added: Auswahl_834.png | |
2017-09-06 17:19 | ronator | Note Added: 0003689 | |
2017-09-07 10:24 | ronator | Note Added: 0003693 | |
2017-09-08 22:10 | infrastation | Status | new => acknowledged |
2017-09-08 22:10 | infrastation | Note Added: 0003699 | |
2017-09-11 14:29 | infrastation | Relationship added | duplicate of 496 |
2017-09-11 14:30 | infrastation | Status | acknowledged => closed |
2017-09-11 14:30 | infrastation | Resolution | open => duplicate |
2017-09-11 14:30 | infrastation | Note Added: 0003703 |