[Kimchi-devel] [PATCH 0/4 V2] Let frontend redirect user after logging

Aline Manera alinefm at linux.vnet.ibm.com
Fri Jul 18 12:18:22 UTC 2014 

On 07/17/2014 11:49 PM, Wen Wang wrote:
>
> On 07/17/2014 08:09 PM, Aline Manera wrote:
>>
>> On 07/17/2014 12:38 AM, Wen Wang wrote:
>>> Thanks Aline. There is a problem with this patch is that after login 
>>> , connect to a VM and copy the vnc link. Then close both kimchi and 
>>> vnc, you will get to vnc with the link you copied as well as kimchi 
>>> again without asking for a password.
>>
>> Hi Wen Wang,
>>
>> This is working as design as you didn't logout from Kimchi interface, 
>> the session is still alive in cherrypy server because that you are 
>> not asked for authentication
>>
>> If you check the current code on master branch you will see it also 
>> behaves like that
> Thanks Aline,
>
> Thanks for the clearify. I found out even after closing the browser, 
> paste the url you copied from either kimchi or vnc, you can access 
> kimchi or vnc without asking for authentication with login page. Do 
> you think this need to be fixed?

I don't have a formed opinion on that.
I am open to hear suggestions

 From one side, we have the timeout session, i.e. if browser is closed 
for more than 10 minutes the session will timeout and the user will be 
asked for login

But in other hand, we could logout user when he/she closes the browser 
window to improve security.

>>
>>>
>>> Best Regards
>>> Wang Wen
>>>
>>> On 07/17/2014 12:44 AM, alinefm at linux.vnet.ibm.com wrote:
>>>> From: Aline Manera <alinefm at linux.vnet.ibm.com>
>>>>
>>>> V1 -> V2:
>>>> - Turn back next_url parameter to fix problems mentioned by Wen Wang
>>>> - Use urllib2.quote() to encode next_url in backend
>>>> - Use decodeURIcomponent() to decode next_url in JS
>>>>
>>>> Aline Manera (4):
>>>>    Update test case to reflect new login design
>>>>    Remove former login design files
>>>>    Remove special console rules from nginx configuration
>>>>    Let frontend redirect user after logging
>>>>
>>>>   src/kimchi/auth.py                    |   9 +--
>>>>   src/kimchi/root.py                    |  19 +----
>>>>   src/nginx.conf.in                     |  11 ---
>>>>   tests/test_rest.py                    |   2 +-
>>>>   ui/css/theme-default/login-window.css |  90 ------------------------
>>>>   ui/js/src/kimchi.login.js             |  71 +++++++++++++++++++
>>>>   ui/js/src/kimchi.login_window.js      | 128 
>>>> ----------------------------------
>>>>   ui/pages/login-window.html.tmpl       |  53 --------------
>>>>   ui/pages/login.html.tmpl              |  36 ++--------
>>>>   9 files changed, 79 insertions(+), 340 deletions(-)
>>>>   delete mode 100644 ui/css/theme-default/login-window.css
>>>>   create mode 100644 ui/js/src/kimchi.login.js
>>>>   delete mode 100644 ui/js/src/kimchi.login_window.js
>>>>   delete mode 100644 ui/pages/login-window.html.tmpl
>>>>
>>>
>>> _______________________________________________
>>> Kimchi-devel mailing list
>>> Kimchi-devel at ovirt.org
>>> http://lists.ovirt.org/mailman/listinfo/kimchi-devel
>>>
>>
>

More information about the Kimchi-devel mailing list