Closed ViliusS closed 2 months ago
Did this occur after upgrading to 2024.1? Was this bug in the previous version?
I didn't test with 2023.x, but 4.6.11 was working fine.
Hi, I was not able to reproduce the issue. Do you have specific configuration that you have set? Whats the URL to access the dashboard? do you see the logout button?
Yes, I can see the logout button. I cannot share URL because it is not public, but could it be something with caching headers? I'm running Axon Server UI behind GKE load balancer. These are steps I took to verify:
And this is what I saw in the logs:
2024-07-29 21:37:18.926 EEST Login with username "userA".
2024-07-29 21:37:18.927 EEST [userA] Subscribed to context updates.
2024-07-29 21:37:19.467 EEST [userA] Request to list contexts.
2024-07-29 21:38:39.382 EEST Login with username "userB" FAILED: Bad credentials
2024-07-29 21:38:49.509 EEST Login with username "userB".
2024-07-29 21:38:50.975 EEST Login with username "userA".
2024-07-29 21:38:51.018 EEST Login with username "userA".
2024-07-29 21:38:51.019 EEST [userA] Subscribed to context updates.
2024-07-29 21:38:51.519 EEST [userA] Request to list contexts.
From the logs it looks like server logs-in with correct userB at first, but then old session is initiated and UI is redirected to userA instead?
UPDATE: Found it. This was indeed caching issue and is related to this issue. What I was seeing in HTTP logs is (as per other other issue):
Authorization: Basic base64xxxxx
header is always the same.
I have decoded base64 value and it always gives me the username/password of the last successful logged in user.I had to clear browser cache completely because clearing via Dev Tools just clears cache on https://myurl but not on http://myurl. Old http:// link probably contained older version of cache or cookies.
After upgrade to Axon Server 2024.1.0 we can no longer switch to different user in Axon Server UI. If we click Logout button and the try to login with new user it still gets logged in with an old user.
I guess there is something wrong with auth cookies because if I open InPrivate browser window or clear all cookie it starts to work again. Though, after successful login with another user once we are still stuck with it the same way as before.