Bug 1078790

Summary: cannot log in after the upgrade, expected pbkdf2_sha512 hash
Product: [Retired] Beaker Reporter: Petr Sklenar <psklenar>
Component: schedulerAssignee: beaker-dev-list
Status: CLOSED NOTABUG QA Contact: tools-bugs <tools-bugs>
Severity: urgent Docs Contact:
Priority: urgent    
Version: developCC: aigao, asaha, azelinka, ckannan, dcallagh, jmolet, llim, rmancy, xjia
Target Milestone: ---Keywords: Regression, Reopened
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-03-21 08:13:34 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Petr Sklenar 2014-03-20 10:30:14 UTC 
Description of problem:
I cannot login with username + password after the upgrade to Version 0.16.0

Version-Release number of selected component (if applicable):
rpm -qf `which bkr`
beaker-client-0.16.0-2.el6eng.noarch


How reproducible:
always

Steps to Reproduce:
1.
[psklenar@liver2 ~]$ bkr whoami
XML-RPC fault: <class 'bkr.server.identity.IdentityFailure'>: Anonymous access denied
[psklenar@liver2 ~]$ cat ~/.beaker_client/config 
HUB_URL = "https://beaker.engineering.redhat.com"
AUTH_METHOD = "password"
USERNAME = "tip"
PASSWORD = "XXXXXXXXXXXXXX"


[psklenar@liver2 ~]$ rpm -qf `which bkr`
beaker-client-0.16.0-2.el6eng.noarch
[psklenar@liver2 ~]$ bkr whoami
XML-RPC fault: <type 'exceptions.ValueError'>:expected pbkdf2_sha512 hash, got pbkdf2_sha512 config string instead
[psklenar@liver2 ~]$ bkr whoami
XML-RPC fault: <type 'exceptions.ValueError'>:expected pbkdf2_sha512 hash, got pbkdf2_sha512 config string instead


Actual results:
pbkdf2_sha512 hash, got pbkdf2_sha512 config string instead

Expected results:
it works

Additional info:
Comment 4 J.C. Molet 2014-03-20 18:07:55 UTC 
I was able to reproduce this as well using the bkr client set to password auth.  I also run into this issue when logging into the web ui using password auth (reproducible by disabling kerberos auth in my browser).
Comment 5 Dan Callaghan 2014-03-20 23:52:05 UTC 
This is not a bug, but rather a minor mishap during the Beaker 0.16 upgrade of our internal instance affecting two bot accounts: cloudqe and tip.

I already commented on the RT ticket but I'll repeat it here. Part of the upgrade was to extend the password column from 40 characters to TEXT, to handle the longer password hashes. The Beaker application was accidentally started before the database upgrades were complete, and the two affected bot accounts logged in during this time, so Beaker stored the new password hash and MySQL silently truncated it to 40 characters.

The solution is to reset the password for the two affected accounts.
Comment 6 Dan Callaghan 2014-03-20 23:52:52 UTC 
(In reply to J.C. Molet from comment #4)
> I was able to reproduce this as well using the bkr client set to password
> auth.  I also run into this issue when logging into the web ui using
> password auth (reproducible by disabling kerberos auth in my browser).

The web UI for Red Hat's Beaker instance only accepts Kerberos authentication, it doesn't use Beaker passwords. If you are having trouble with Kerberos authentication then it is a different issue than the one in this bug.
Comment 7 Petr Sklenar 2014-03-21 07:51:40 UTC 
HI,
there is still the same issue:
[psklenar@liver2 ~]$ bkr whoami
XML-RPC fault: <type 'exceptions.ValueError'>:expected pbkdf2_sha512 hash, got pbkdf2_sha512 config string instead
[psklenar@liver2 ~]$ bkr task-details /distribution/reservesys
XML-RPC fault: <type 'exceptions.ValueError'>:expected pbkdf2_sha512 hash, got pbkdf2_sha512 config string instead
[psklenar@liver2 ~]$ date
Fri Mar 21 08:47:25 CET 2014
Comment 10 Nick Coghlan 2014-03-21 08:16:10 UTC 
Note that the upstream Beaker project cannot help with instance specific account issues, such as those impacting accounts that had their password data corrupted by attempting to log in while the database upgrade was still in progress.