With forms based auth, if browser is more than 20 mins in a future compared to server, correct authentication is successful but ipa_session immediately expires because it's life time is only 20 mins (expiration time is declared by server).
In other words, user can't log in with "your session has expired" error message.
Web UI could detect this time difference by comparing date header of HTTP response with current browser time and then warn the user.
var date = new Date(xhr.getResponseHeader('Date'));
var diff = Date.now() - date.getTime();
var minutes = diff / 1000 / 60;
Metadata Update from @pvoborni:
- Issue assigned to someone
- Issue set to the milestone: FreeIPA 4.5 backlog
Metadata Update from @pvomacka:
- Issue close_status updated to: None
- Issue tagged with: webui
Metadata Update from @stsymbal:
- Issue tagged with: bug
It might not be valid anymore since the introduction gssproxy in the backend. Needs to be verifed.
to comment on this ticket.