User Request
Type: bug
Target: Console Application
Submitted by: @aaradhychinche-alt
Console Request ID: ae9b8381-e656-47d5-8d37-58f99a4b99ac
Description
What happened:
After logging out, existing WebSocket exec sessions remain active and continue to accept commands.
What I expected:
Logout should invalidate all active sessions, including WebSocket connections.
Steps to reproduce:
- Open a WebSocket exec session (/ws/exec).
- Start an interactive shell.
- In another tab, call POST /auth/logout.
- Continue using the existing exec session.
- Observe that commands still execute.
Relevant area:
Auth + WebSocket exec lifecycle
Suggested improvement:
Ensure logout triggers termination of all active exec sessions.
Impact:
High. Users retain privileged access even after logout, breaking session security guarantees.
This issue was automatically created from the KubeStellar Console.
User Request
Type: bug
Target: Console Application
Submitted by: @aaradhychinche-alt
Console Request ID: ae9b8381-e656-47d5-8d37-58f99a4b99ac
Description
What happened:
After logging out, existing WebSocket exec sessions remain active and continue to accept commands.
What I expected:
Logout should invalidate all active sessions, including WebSocket connections.
Steps to reproduce:
Relevant area:
Auth + WebSocket exec lifecycle
Suggested improvement:
Ensure logout triggers termination of all active exec sessions.
Impact:
High. Users retain privileged access even after logout, breaking session security guarantees.
This issue was automatically created from the KubeStellar Console.