Details
-
Bug
-
Resolution: Not a Bug
-
Minor
-
2.7.0.GA
-
None
-
False
-
False
-
Undefined
-
Description
Some API calls are not working, when user didn't log in to CRW for longer period then the expiration period of the openshift token.
Please see "Steps to reproduce" to see what's actually happening.
It seems like keycloak somehow returns che the expired openshift token.
Logging to Che using UI (browser) fixes this and user can again do API calls again (for a day).
We took a look into keycloak database and really. Until user logs in through UI, the openshift token, that keycloak is holding is expired (`psql keycloak -c "select token from federated_identity"`). Once User logs in through UI, the token gets updated to valid one.
I'm setting this issue as "Critical" as it's a relatively big obstacle for our load tests (going through UI login for every used user every day... cc. kkanova )
Attachments
Issue Links
- relates to
-
CRW-2018 Your session has expired. Please login to Che again to get access to your OpenShift account
- Closed
- links to