You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by "Nitin Galave (Jira)" <ji...@apache.org> on 2021/10/05 11:51:00 UTC
[jira] [Updated] (RANGER-3457) [Session Timeout-Ranger]With
multiple tabs if one tab encounters session idle timeout other active tab
still continues with old/invalid session cookie.
[ https://issues.apache.org/jira/browse/RANGER-3457?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nitin Galave updated RANGER-3457:
---------------------------------
Affects Version/s: (was: 2.2.0)
> [Session Timeout-Ranger]With multiple tabs if one tab encounters session idle timeout other active tab still continues with old/invalid session cookie.
> -------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: RANGER-3457
> URL: https://issues.apache.org/jira/browse/RANGER-3457
> Project: Ranger
> Issue Type: Improvement
> Components: Ranger
> Affects Versions: 3.0.0
> Reporter: Nitin Galave
> Assignee: Nitin Galave
> Priority: Major
> Fix For: 3.0.0
>
> Attachments: 0002-RANGER-3457.patch, 0003-RANGER-3457.patch
>
>
> 1)
> *Steps:*
> 1. Configured ranger.service.inactivity.timeout to 45 sec
> 2. Opened ranger UI on multiple tabs.
> 3. Left the session idle for 40 secsĀ
> 4. once the popup for session idle going to expire shows up clicked on the "stay logged in" button and performed an operation in one of the tabs.
> *Observation*
> # Other tabs which were opened removed the RangerSessionID, but the tab which became active before timeout still using the same RangerSessionID.
> # Clicking a link from the above active tab to a new tab still uses the same RangerSessionID which was removed earlier
> # But when clicking ranger ui from CP it opens with a new RangerSessionID
> *Note:*
> Though using RangerSessionID which was removed in other tabs, i was able to navigate and perform policy updates. But not sure if any other action will fail based on session which was removed
> 2)
> *Steps:*
> 1. Configured ranger.service.inactivity.timeout to 40 sec and restarted Ranger
> 2. Open Ranger UI on an incognito window with hrt_qa/Password@123
> 3. Didnt perform any operation / mouse operation for 4 mins
> *Issue:*
> Idle logout wizard (with "logout now" and "stay logged in" is not shown)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)