BUG: Random logouts on CMK 2

After updating to v2 (from 1.6.0p20-1), I often experience logouts and redirect to the login page while navigating the web UI, and also the desktop client nagstamon gives me authentication error and I have to login again:

I think I got the issue… apparently now when a user logs in, their previous sessions are invalidated… So I’ll have to create a separate user for each nagstamon instance

Hallo,
known problem.
Happens here when changing configs using a remote script.
You should send a message to the feedback adress.

Ralf

There is already an option to enable or disable this behavior.
“Limit login to single session at a time” inside the global options
If this is not working you should report this as an bug.

I have that setting disabled:
image

Thank, however I don’t think that’s the case, because it happens also if I login, then open an incognito window and login there, the non-incognito gets logged out, without changing any config using remote scripts

I checked on one of my system v2.0.0p1 and had no problem setting is not set and i can login in two different browsers and get no logout in the first one.
It’s strange

It get’s “better” if i activate this setting and logout with all users and try to login again it means another session is running :frowning:
That means you can only login one time and the next login is forbidden not the first one is logged out.

From the inline help

Normally a user can login to the GUI from unlimited number of clients at the same time. If you want to enforce your users to be able to login only once (from one client which means device and browser), you can enable this option. When the user logs out or is inactive for the configured amount of time, the session is invalidated automatically and the user has to log in again from the current or another device.

It is not working that the session is invalidated at logout. Or it is not invalidated completely. Your own session is invalid but you cannot login for the time defined as inactive time for this rule.

There was a problem with invalidation of sessions if “Limit login to single session at a time” is used. This will be fixed with werk #12625.

Regarding the “random logouts”…
I can not reproduce this. Would be helpful to get a hint how to do that.

I Wonder if it is a multisite issue. When ever an update is made to the top tier site it logs out the child sites.

Do you mean activation of changes on the central site?

When I save a change prior to activation.

Has anyone found a fix for this?

I would be interested too. Since 2.0 we have the same problem with random logouts / invalidating previous sessions. Setting “Limit login to single session at a time” is disabled.

I’m still not able to reproduce this behaviour.
Would be nice to have a screenshot of the site connection options of a remote site that is affected by this logouts.
(“Setup” - “Distributed monitoring” - “Properties” of that site)

For us, this has nothing to do with config changes or with remote sites. Whenever a new session is created, the old one is no longer valid.