Dashboard: user configurable browserNoActivityTimeout
Environment
Dashboard version: 1.7.1
Kubernetes version: 1.8.4
Operating system: Oracle Linux 7.4
Node.js version: N/A
Go version: N/A
Steps to reproduce
Login to Web UI, sit 5 minutes, navigate on the Web UI
Observed result
the user is thrown to the login page. relogin does not get to the old page, e.g., select non default namespace
Expected result
- the timeout should be configurable at installation time.
- login after a timeout should restore the old page, at least restore the selection of namespace.
Comments
wu105
All 3 comments
the timeout should be configurable at installation time.
Default session timeout is set to 15 min as specified here: https://github.com/kubernetes/dashboard/blob/master/src/app/backend/auth/api/types.go#L29
It is a configurable option already and can be changed by token-ttl argument as described here: https://github.com/kubernetes/dashboard/wiki/Dashboard-arguments
login after a timeout should restore the old page, at least restore the selection of namespace.
It is normal behavior. After logout and login, you are normally redirected to some default page. In our case, it is overview page in a default namespace.
floreks
on 6 Feb 2018
@wu105 Yes, by default behavior, after the login it will always redirect to the Default Namespace. If you want to change the default namespace. You may need to modify the configure inside source and rebuild the image.
In our case, we design simply let the login page to have a ?namespace= parameter to redirect to the desired namespace. In order to do so, we need to modify dashboard/src/app/frontend/common/namespace/module.js, and rebuild the whole docker image.
mike818148
on 2 Nov 2018
Hardwired namespace is convenient to implement, but is a pain for the user to correct, repeatedly.
You may want to check how the widely used sso siteminder handles login.
My understanding is that if log in is required, the initial url will be redirected to the login page, and the login page will redirect back to the original intended url after successful login. This is doable because the intended url is known at the point the login page is generated, and it is stored as part of the login page url. In our case, we only need to store the namespace name.
wu105
on 2 Nov 2018
Related issues
pavankjadda
路
3Comments
kasunsjc
路
3Comments
puja108
路
5Comments
andrei-dascalu
路
3Comments
billcloud-me
路
5Comments
Most helpful comment
Hardwired namespace is convenient to implement, but is a pain for the user to correct, repeatedly.
You may want to check how the widely used sso siteminder handles login.
My understanding is that if log in is required, the initial url will be redirected to the login page, and the login page will redirect back to the original intended url after successful login. This is doable because the intended url is known at the point the login page is generated, and it is stored as part of the login page url. In our case, we only need to store the namespace name.