You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@druid.apache.org by GitBox <gi...@apache.org> on 2022/01/20 23:02:57 UTC

[GitHub] [druid] andrewm-aero opened a new issue #12183: pac4j extension does not handle logouts/session expirations

andrewm-aero opened a new issue #12183:
URL: https://github.com/apache/druid/issues/12183


   ### Affected Version
   
   v0.22.0
   
   ### Description
   
   The pac4j extension does not gracefully handle login expirations in the unified console. The first request to the unified console HTML endpoint correctly redirects to the OIDC login page, which then correctly redirects back to the console. The plugin seems to assume that the original token will always work, and if it doesn't, will get into a loop of attempting a background request (e.g. /druid/v2/sql), which fails due to CORS, instead of redirecting the user to the login page. This breaks the functionality of the console, and can only be fixed by manually refreshing the page. This behavior is not observed with any other application we have connected to this same OIDC provide with identical configurations.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@druid.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@druid.apache.org
For additional commands, e-mail: commits-help@druid.apache.org