Pivotal Knowledge Base

Follow

OAuth2 Token Timeouts not working for Apps Manager

Environment

Pivotal Cloud Foundry: 1.8, 1.9, 1.10

Symptom

AppsManager is not expiring OAuth2 Token after reaching expiration time.

This issue may be noticed when configuring OAuth2 Token Timeouts in Elastic Runtime tile in Ops Manager (‘Authentication and Enterprise SSO’ page ). Apps Manager does not properly recognize Access Token Lifetime and Apps Manager Refresh Token Lifetime settings configured in ERT.

Apps manager login will not expire until clicking ‘My Account’ from the drop down in the top-right corner. Access to orgs, spaces, and apps continue to work after log in despite token expiration.

AppsManager does not properly enforce these settings in OpsManager > Authentication and Enterprise SSO:

Screen_Shot_2017-07-14_at_1.57.03_PM.png

Cause

This issue is a defect related to Elastic Runtime not updating the expiry time on the apps_manager_js client.

Resolution

Apps manager login will not expire until clicking ‘My Account’ from the drop down in the top-right corner. Access to orgs, spaces, and apps continue to work after log in despite token expiration.

This issue will be fixed in patch releases for 1.9, 1.10, and 1.11 release of Elastic Runtime for Pivotal Cloud Foundry. 

Additional Information

 

Comments

Powered by Zendesk