Bug 1062595

Summary: RuntimeException by add-user utility once the user name matches the password (non-interactive mode)
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Petr Kremensky <pkremens>
Component: Scripts and CommandsAssignee: Darran Lofthouse <darran.lofthouse>
Status: CLOSED CURRENTRELEASE QA Contact: Petr Kremensky <pkremens>
Severity: low Docs Contact: Russell Dickenson <rdickens>
Priority: unspecified    
Version: 6.2.0CC: fnasser, kkhan, pgier, sgilda, smumford
Target Milestone: DR6   
Target Release: EAP 6.3.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Previous versions of JBoss EAP 6 would throw a RuntimeException if a non-interactive call to the `add-user` utility failed (as happens with problematic username/password combinations). This exception was intended to alert scripts that a failure had occurred. The exceptions could, however, be mistaken as a bug since these types of exceptions should not be propagated without being handled. A custom exception has been added to this release of the product to indicate that displaying this exception is intentional and not indicative of a bug in the `add-user` utility.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2014-06-28 15:38:53 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Petr Kremensky 2014-02-07 11:48:35 UTC 
Description of problem:
 Passing the same username and password to add-user non-interactively throws RuntinmeException.

Version-Release number of selected component (if applicable):
 6.2.0

How reproducible:
always

Steps to Reproduce:
 1. Navigate inte $EAP_HOME/bin directory
 2. Run: add-user.[sh|bat] asdasd@2 asdasd@2

Actual results:
---------------------------------
 * Error * 
JBAS015238: Username must not match the password.

Exception in thread "main" java.lang.RuntimeException: JBAS015238: Username must not match the password.
	at org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:67)
	at org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:130)
	at org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:208)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at org.jboss.modules.Module.run(Module.java:292)
	at org.jboss.modules.Main.main(Main.java:455)
---------------------------------

Expected results:
---------------------------------
 * Error * 
JBAS015238: Username must not match the password.
---------------------------------
Comment 1 Petr Kremensky 2014-02-07 11:55:45 UTC 
Same with the missing password:
bin]$ ./add-user.sh admin

 * Error * 
JBAS015236: No Password entered, exiting.

Exception in thread "main" java.lang.RuntimeException: JBAS015236: No Password entered, exiting.
	at org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:67)
	at org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:130)
	at org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:208)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at org.jboss.modules.Module.run(Module.java:292)
	at org.jboss.modules.Main.main(Main.java:455)
Comment 2 Petr Kremensky 2014-02-07 12:59:25 UTC 
Also non-alphanumeric character in password throws RE:
bin]$ ./add-user.sh aaa#aaa asdasd@2

 * Error * 
JBAS015239: Only alpha/numeric usernames accepted.

Exception in thread "main" java.lang.RuntimeException: JBAS015239: Only alpha/numeric usernames accepted.
	at org.jboss.as.domain.management.security.adduser.ErrorState.execute(ErrorState.java:67)
	at org.jboss.as.domain.management.security.adduser.AddUser.run(AddUser.java:130)
	at org.jboss.as.domain.management.security.adduser.AddUser.main(AddUser.java:208)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at org.jboss.modules.Module.run(Module.java:292)
	at org.jboss.modules.Main.main(Main.java:455)
Comment 3 Permaine Cheung 2014-02-07 15:17:58 UTC 
Darran, please investigate. Thanks!
Comment 4 Petr Kremensky 2014-02-27 13:14:48 UTC 
Same exception for non-existing properties file
bin]$ ./add-user.sh -a -u appuser1 -p password1! -g app1group -sc /home/someusername/userconfigs/ -up appusers.properties -gp appgroups.properties
Exception in thread "main" java.lang.RuntimeException: JBAS015234: No appusers.properties files found
Comment 5 Darran Lofthouse 2014-03-18 15:45:22 UTC 
Just checked and this does not appear to be an upstream issue, this is not surprising as password validation has moved on considerably upstream - the fix here is going to be EAP specific.
Comment 6 Darran Lofthouse 2014-03-18 16:15:24 UTC 
Outputting the exception is valid as this is to indicate to scripts calling in non-interactive mode that a failure occurred - however we should use out own exception type instead of RuntimeException.
Comment 7 JBoss JIRA Server 2014-03-18 16:16:14 UTC 
Darran Lofthouse <darran.lofthouse> updated the status of jira WFLY-3130 to Coding In Progress
Comment 10 Petr Kremensky 2014-03-31 05:48:33 UTC 
Verified on EAP 6.3.0.DR6
Comment 11 Scott Mumford 2014-04-24 01:03:00 UTC 
Refactored release notes text and marked for inclusion in documentation.
Comment 12 sgilda 2014-05-12 20:18:54 UTC 
Changed <literal></literal> tags in Doc Text to ticks (`) to fix Bug 1096865