Bug 1000963

Summary: RHQ 4.9 "Invalid or misspelled module option" - LDAP Login
Product: [Other] RHQ Project Reporter: Stian Lund <stianlund+bugzilla>
Component: Core Server, UsabilityAssignee: Nobody <nobody>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: unspecified    
Version: 4.9CC: hrupp, richard.clarke
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1026799    

Description Stian Lund 2013-08-26 08:30:20 UTC 
Description of problem:
Hello.
After installation of RHQ 4.9 I am seeing the following WARNings in the server log:

10:21:39,368 WARN  [org.jboss.security] (http-/0.0.0.0:7080-72) PBOX000234: Invalid or misspelled module option: BindDN
10:21:39,368 WARN  [org.jboss.security] (http-/0.0.0.0:7080-72) PBOX000234: Invalid or misspelled module option: Filter
10:21:39,369 WARN  [org.jboss.security] (http-/0.0.0.0:7080-72) PBOX000234: Invalid or misspelled module option: java.naming.factory.initial
10:21:39,369 WARN  [org.jboss.security] (http-/0.0.0.0:7080-72) PBOX000234: Invalid or misspelled module option: LoginProperty
10:21:39,369 WARN  [org.jboss.security] (http-/0.0.0.0:7080-72) PBOX000234: Invalid or misspelled module option: BaseDN
10:21:39,369 WARN  [org.jboss.security] (http-/0.0.0.0:7080-72) PBOX000234: Invalid or misspelled module option: GroupFilter
10:21:39,369 WARN  [org.jboss.security] (http-/0.0.0.0:7080-72) PBOX000234: Invalid or misspelled module option: java.naming.provider.url
10:21:39,369 WARN  [org.jboss.security] (http-/0.0.0.0:7080-72) PBOX000234: Invalid or misspelled module option: GroupMemberFilter
10:21:39,369 WARN  [org.jboss.security] (http-/0.0.0.0:7080-72) PBOX000234: Invalid or misspelled module option: BindPW

This is probably nothing serious, just a bit worrying, and it should not be in the logs if everything works as expected I would think?

Version-Release number of selected component (if applicable):
RHQ 4.9
RHEL 6.4
LDAP login to MS Active Directory

How reproducible:
Always, on login

Steps to Reproduce:
1.Login to RHQ console with LDAP user.
Comment 1 Heiko W. Rupp 2013-08-26 08:47:23 UTC 
This is unfortunately a misbehaving in the underlying AS code, where
the PicketBox code assumes a fixed number of valid options in a login module, which is extended by a number of other login modules.
WildFly will allow to supply a specialized list of allowed options, but AS7/EAP6 does not allow this and thus prints all those annoying warnings.

Those warnings are harmless and can be ignored.

We could suppress just all the warnings for org.jboss.security in the logs, to prevent that spamming, but that would also suppress warnings that are "serious".

We need at least document that those are harmless.
Comment 2 Stian Lund 2013-08-26 09:04:26 UTC 
Thanks for the explanation Heiko.

I just wondered, and it's not a big deal for me, but I first noticed these warnings in 4.9 so I figured something was changed. At least I do not see them in our old 4.5.1 installations.

I would imagine it would confuse people that are having problems configuring their LDAP login correctly and they see these warnings and assume it is causing their problems.