Skip to content

rabbitmq_management: Fix preference cookie expiry to respect session timeout#15814

Merged
michaelklishin merged 6 commits intomainfrom
honor-login-timeout-for-cookie-expiry
Mar 25, 2026
Merged

rabbitmq_management: Fix preference cookie expiry to respect session timeout#15814
michaelklishin merged 6 commits intomainfrom
honor-login-timeout-for-cookie-expiry

Conversation

@MarcialRosales
Copy link
Copy Markdown
Contributor

@MarcialRosales MarcialRosales commented Mar 24, 2026
edited
Loading

Proposed Changes

Fixes an issue: When a user expands or collapses a page section, or adds/removes columns from a table such as the queues table, the management UI persists that preference in a cookie. The cookie was mistakenly set with a one-year expiry, overriding any configured session timeout or the default session timeout.

As a result, a session would remain valid for a full year, meaning the user would not be prompted to log in again on the same domain for that duration.

Thanks @mkuratczyk for reporting this issue.

Types of Changes

What types of changes does your code introduce to this project?
Put an x in the boxes that apply

  • Bug fix (non-breaking change which fixes issue #NNNN)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause an observable behavior change in existing systems)
  • Documentation improvements (corrections, new content, etc)
  • Cosmetic change (whitespace, formatting, etc)
  • Build system and/or CI

@MarcialRosales MarcialRosales self-assigned this Mar 24, 2026
@MarcialRosales MarcialRosales changed the title Always honor login timeout when setting cookie expiry rabbitmq_management: Always honor login timeout when setting cookie expiry Mar 24, 2026
@MarcialRosales MarcialRosales changed the title rabbitmq_management: Always honor login timeout when setting cookie expiry rabbitmq_management: Fix preference cookie expiry to respect session timeout Mar 24, 2026
@MarcialRosales MarcialRosales marked this pull request as ready for review March 24, 2026 14:56
@michaelklishin michaelklishin added this to the 4.4.0 milestone Mar 25, 2026
@michaelklishin michaelklishin merged commit 72f1d67 into main Mar 25, 2026
185 checks passed
@michaelklishin michaelklishin deleted the honor-login-timeout-for-cookie-expiry branch March 25, 2026 00:40
@mergify mergify Bot mentioned this pull request Mar 25, 2026
Merged
6 tasks
michaelklishin added a commit that referenced this pull request Mar 25, 2026
@michaelklishin
Merge pull request #15823 from rabbitmq/mergify/bp/v4.3.x/pr-15814
9134d0e 
rabbitmq_management: Fix preference cookie expiry to respect session timeout (backport #15814)
@mergify mergify Bot mentioned this pull request Mar 25, 2026
Merged
6 tasks
michaelklishin added a commit that referenced this pull request Mar 25, 2026
@michaelklishin
Merge pull request #15825 from rabbitmq/mergify/bp/v4.2.x/pr-15823
b0b56db 
rabbitmq_management: Fix preference cookie expiry to respect session timeout (backport #15814) (backport #15823)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@michaelklishin michaelklishin Awaiting requested review from michaelklishin

Assignees

@MarcialRosales MarcialRosales

Labels

backport-v4.2.x backport-v4.3.x

Projects

None yet

Milestone

4.4.0

Development

Successfully merging this pull request may close these issues.

2 participants

@MarcialRosales @michaelklishin