Bug 1064166

Summary: Login page returns "A Request to the Server failed with the following Status Code: 500"
Product: Red Hat Enterprise Virtualization Manager Reporter: Roman Hodain <rhodain>
Component: ovirt-engine-webadmin-portalAssignee: Nobody <nobody>
Status: CLOSED DUPLICATE QA Contact: Pavel Stehlik <pstehlik>
Severity: high Docs Contact:
Priority: high    
Version: 3.3.0CC: acathrow, awels, ecohen, iheim, juan.hernandez, Rhev-m-bugs, rhodain, yeylon
Target Milestone: ---   
Target Release: 3.4.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: integration
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-02-13 09:21:38 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Apache configuration file (1 of 2)
none
Apache configuration file (2 of 2) none

Description Roman Hodain 2014-02-12 07:36:25 UTC 
Description of problem:

	After upgrade from RHEV 3.2 to RHEV 3.3 it is not possible to log onthe
customer portal in some cases. The following ERROR messsge is returned by the
UI:

	Error while executing action: A Request to the Server failed with the following Status Code: 500
 
Then he login form is displayed but all fields are grey.

This eror is followed by a jave exception in jboss server.log

ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/webadmin]] (ajp-/127.0.0.1:8702-27) Exception while dispatching incoming RPC call: java.lang.SecurityException: Blocked request wi      1 thout GWT base path header (XSRF attack?)
      2         at com.google.gwt.rpc.server.RpcServlet.getClientOracle(RpcServlet.java:95) [gwt-servlet.jar:]
      3         at com.google.gwt.rpc.server.RpcServlet.processPost(RpcServlet.java:205) [gwt-servlet.jar:]
      4         at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62) [gwt-servlet.jar:]
      5         at javax.servlet.http.HttpServlet.service(HttpServlet.java:754) [jboss-servlet-api_3.0_spec.jar:1.0.2.Final-redhat-1]
      6         at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec.jar:1.0.2.Final-redhat-1]
      7         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295) [jbossweb.jar:7.2.2.Final-redhat-1]
      8         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb.jar:7.2.2.Final-redhat-1]
      9         at org.ovirt.engine.ui.frontend.server.gwt.GwtCachingFilter.doFilter(GwtCachingFilter.java:132) [frontend.jar:]
     10         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb.jar:7.2.2.Final-redhat-1]
     11         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb.jar:7.2.2.Final-redhat-1]
     12         at org.ovirt.engine.core.branding.BrandingFilter.doFilter(BrandingFilter.java:72) [branding.jar:]
     13         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb.jar:7.2.2.Final-redhat-1]
     14         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb.jar:7.2.2.Final-redhat-1]
     15         at org.ovirt.engine.core.utils.servlet.LocaleFilter.doFilter(LocaleFilter.java:64) [utils.jar:]
     16         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb.jar:7.2.2.Final-redhat-1]
     17         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb.jar:7.2.2.Final-redhat-1]
     18         at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230) [jbossweb.jar:7.2.2.Final-redhat-1]
     19         at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb.jar:7.2.2.Final-redhat-1]
     20         at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:499) [jbossweb.jar:7.2.2.Final-redhat-1]
     21         at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web.jar:7.3.0.Final-redhat-14]
     22         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145) [jbossweb.jar:7.2.2.Final-redhat-1]
     23         at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb.jar:7.2.2.Final-redhat-1]
     24         at org.jboss.web.rewrite.RewriteValve.invoke(RewriteValve.java:466) [jbossweb.jar:7.2.2.Final-redhat-1]
     25         at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb.jar:7.2.2.Final-redhat-1]
     26         at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:336) [jbossweb.jar:7.2.2.Final-redhat-1]
     27         at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:488) [jbossweb.jar:7.2.2.Final-redhat-1]
     28         at org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpProtocol.java:420) [jbossweb.jar:7.2.2.Final-redhat-1]
     29         at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:920) [jbossweb.jar:7.2.2.Final-redhat-1]
     30         at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_51]


Version-Release number of selected component (if applicable):

RHEV 3.3

How reproducible:

	Sometimes. The same client and browser works for some time and then 
stops working later. In the same time when one clinet is not woring another 
client is.

Steps to Reproduce:

	Not clear yet

Actual results:

	Error messge displayed and it is not possible to log onthe portal

Expected results:

	It is possible to log on the portal
Comment 6 Juan Hernández 2014-02-12 12:11:23 UTC 
Created attachment 862260 [details]
Apache configuration file (1 of 2)
Comment 7 Juan Hernández 2014-02-12 12:12:05 UTC 
Created attachment 862261 [details]
Apache configuration file (2 of 2)
Comment 8 Juan Hernández 2014-02-12 12:19:13 UTC 
The link to "Administration Portal" should not point to https://RHEVM-FQDN/ovirt-engine/webadmin, but to https://RHEVM-QDN/webadmin/webadmin. Please try the following and report the result:

  # wget wget --no-check-certificate https://RHEVM-QDN
  # grep "Administration Portal" index.html

The result should be this:

  <a href="/webadmin/webadmin/WebAdmin.html?locale=en_US">Administration Portal</a>

The relevant thing here is that the href should be absolute, starting with slash.

It may also happen that during the upgrade the the Apache configuration hasn't been updated correctly. Please check the configuration files in the /etc/httpd/conf.d directory. There should be only two RHEV-M related files there, and should contain the same that the attached ovirt-engine-root-redirect.conf and z-ovirt-engine-proxy.conf files.
Comment 9 Juan Hernández 2014-02-12 12:20:58 UTC 
Note that this GWT error may still happen if the user types manually the wrong URL, for example:

  https://RHEVM-FQDN/ovirt-engine/webadmin/webadmin

This will load the application, but it won't work due to the GWT security restrictions.
Comment 10 Alexander Wels 2014-02-12 14:10:23 UTC 
I believe this issue is due to the wrong branding package installed. My guess is they have 1-4 installed and they need 1-5 which fixes this issue. They also probably have duplicate links to webadmin and user portal.

I believe this is a duplicate of [1]

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1059082