[
https://issues.apache.org/jira/browse/RANGER-3457?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nitin Galave updated RANGER-3457:
---------------------------------
Description:
1)
*Steps:*
1. Configured ranger.service.inactivity.timeout to 45 sec
2. Opened ranger UI on multiple tabs.
3. Left the session idle for 40 secs
4. once the popup for session idle going to expire shows up clicked on the
"stay logged in" button and performed an operation in one of the tabs.
*Observation*
# Other tabs which were opened removed the RangerSessionID, but the tab which
became active before timeout still using the same RangerSessionID.
# Clicking a link from the above active tab to a new tab still uses the same
RangerSessionID which was removed earlier
# But when clicking ranger ui from CP it opens with a new RangerSessionID
*Note:*
Though using RangerSessionID which was removed in other tabs, i was able to
navigate and perform policy updates. But not sure if any other action will fail
based on session which was removed
2)
*Steps:*
1. Configured ranger.service.inactivity.timeout to 40 sec and restarted Ranger
2. Open Ranger UI on an incognito window with hrt_qa/Password@123
3. Didnt perform any operation / mouse operation for 4 mins
*Issue:*
Idle logout wizard (with "logout now" and "stay logged in" is not shown)
was:
1)
*Steps:*
1. Configured ranger.service.inactivity.timeout to 45 sec
2. Opened ranger UI on multiple tabs.
3. Left the session idle for 40 secs
4. once the popup for session idle going to expire shows up clicked on the
"stay logged in" button and performed an operation in one of the tabs.
*Observation*
# Other tabs which were opened removed the RangerSessionID, but the tab which
became active before timeout still using the same RangerSessionID.
# Clicking a link from the above active tab to a new tab still uses the same
RangerSessionID which was removed earlier
# But when clicking ranger ui from CP it opens with a new RangerSessionID
*Note:*
Though using RangerSessionID which was removed in other tabs, i was able to
navigate and perform policy updates. But not sure if any other action will fail
based on session which was removed
2)
*Steps:*
1. Configured ranger.service.inactivity.timeout to 40 sec and restarted Ranger
2. Open Ranger UI on an incognito window with hrt_qa/Password@123
3. Didnt perform any operation / mouse operation for 4 mins
*{color:#de350b}Issue:{color}*
Idle logout wizard (with "logout now" and "stay logged in" is not shown)
> [Session Timeout-Ranger]With multiple tabs if one tab encounters session idle
> timeout other active tab still continues with old/invalid session cookie.
> -------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: RANGER-3457
> URL: https://issues.apache.org/jira/browse/RANGER-3457
> Project: Ranger
> Issue Type: Improvement
> Components: Ranger
> Affects Versions: 3.0.0, 2.2.0
> Reporter: Nitin Galave
> Assignee: Nitin Galave
> Priority: Major
> Fix For: 3.0.0, 2.2.0
>
> Attachments: 0002-RANGER-3457.patch
>
>
> 1)
> *Steps:*
> 1. Configured ranger.service.inactivity.timeout to 45 sec
> 2. Opened ranger UI on multiple tabs.
> 3. Left the session idle for 40 secs
> 4. once the popup for session idle going to expire shows up clicked on the
> "stay logged in" button and performed an operation in one of the tabs.
> *Observation*
> # Other tabs which were opened removed the RangerSessionID, but the tab
> which became active before timeout still using the same RangerSessionID.
> # Clicking a link from the above active tab to a new tab still uses the same
> RangerSessionID which was removed earlier
> # But when clicking ranger ui from CP it opens with a new RangerSessionID
> *Note:*
> Though using RangerSessionID which was removed in other tabs, i was able to
> navigate and perform policy updates. But not sure if any other action will
> fail based on session which was removed
> 2)
> *Steps:*
> 1. Configured ranger.service.inactivity.timeout to 40 sec and restarted
> Ranger
> 2. Open Ranger UI on an incognito window with hrt_qa/Password@123
> 3. Didnt perform any operation / mouse operation for 4 mins
> *Issue:*
> Idle logout wizard (with "logout now" and "stay logged in" is not shown)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
