Details
-
Fix
-
Status: Dismissed (View Workflow)
-
Minor
-
Resolution: Fixed
-
1.12
-
None
Description
Current Situation
Consider an LDAP account MyAccount:MyPass.
A Login with myaccount:MyPass will be authenticated but the Cockpit will freeze - usually, but not always, when loading the Dashboard view.
- The User has to close the Browser Tab to be able to continue.
- The Login POST method (/joc/api/security) carries the following text:
{"enableTouch":true,"sessionTimeout":900000,"user":"myaccount","accessToken":"***","hasRole":false,"isAuthenticated":true,"isPermitted":false}
- The configuration POST (/joc/api/) later returns 403 Forbidden.
The log file shows:
2017-12-28 17:00:42,171 INFO tp1347137144-600 c.s.j.c.JOCDefaultResponse - REQUEST: ./configuration PARAMS: {"jobschedulerId":"jobscheduler_1.12","id":9,"shared":false} USER: myaccount 2017-12-28 17:00:42,171 ERROR tp1347137144-600 c.s.j.c.JOCDefaultResponse - Access denied
Note: the exact behavior is browser dependent - the WebKit browsers (and sometimes FF) will load the Dashboard with most Widgets being empty and then freeze after the first click on a menu item.
Desired Behaviour
Login behaviour should be clarified:
- how should an authenticated User with neither Roles nor Permissions be 'caught' before the JOC Cockpit interface starts to open?
The Cockpit should not freeze regardless of whether the user has Roles or Permissions.