[
https://issues.apache.org/jira/browse/AMQ-9786?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sérgio Lemos updated AMQ-9786:
------------------------------
Description:
The "Logout" link the top right corner of the Web Console behaves differently
depending on the browser.
When testing on Chrome it redirects to "/admin/logout.jsp" and the username and
password are requested again, which seems the intended behavior. However on
Firefox and Safari, even though it redirects to logout.jsp the "session"
remains active (no new credentials are asked) and the console remains fully
functional (as if the use was still logged in).
I suspect it happens because logout.jsp sends a 401 error back and likely is up
to the browser to decide on what to do.
was:
The "Logout" link the top right corner of the Web Console behaves differently
depending on the browser.
When testing on Chrome it redirects to "/admin/logout.jsp" and the username and
password are requested again, which seems the intended behavior. However on
Firefox and Safari, even though it redirects to logout.jsp the "session"
remains active (no new credentials are asked) and the console remains fully
functional (as if the use was still logged in).
I suspect that it happens because logout.jsp sends a 401 error back and likely
is up to the browser to decide on what to do.
> Web Console has inconsistent log out behavior
> ---------------------------------------------
>
> Key: AMQ-9786
> URL: https://issues.apache.org/jira/browse/AMQ-9786
> Project: ActiveMQ Classic
> Issue Type: Improvement
> Components: Web Console
> Affects Versions: 5.x, 6.x
> Reporter: Sérgio Lemos
> Priority: Minor
>
> The "Logout" link the top right corner of the Web Console behaves differently
> depending on the browser.
>
> When testing on Chrome it redirects to "/admin/logout.jsp" and the username
> and password are requested again, which seems the intended behavior. However
> on Firefox and Safari, even though it redirects to logout.jsp the "session"
> remains active (no new credentials are asked) and the console remains fully
> functional (as if the use was still logged in).
>
> I suspect it happens because logout.jsp sends a 401 error back and likely is
> up to the browser to decide on what to do.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
