Bug 1186493
| Summary: | External Authentication doesn't work after upgrading cfme | ||
|---|---|---|---|
| Product: | Red Hat CloudForms Management Engine | Reporter: | Christian Jung <cbolz> |
| Component: | Appliance | Assignee: | abellott |
| Status: | CLOSED DUPLICATE | QA Contact: | Dave Johnson <dajohnso> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 5.3.0 | CC: | jhardy, jrafanie, obarenbo, xlecauch |
| Target Milestone: | GA | ||
| Target Release: | 5.4.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-04-17 00:46:57 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
*** This bug has been marked as a duplicate of bug 1186364 *** |
Description of problem: After applying the latest updates, the external authentication doesn't work anymore. Version-Release number of selected component (if applicable): cfme-5.3.2.6-1.el6cf.x86_64 How reproducible: always after "yum update cfme" to current version Steps to Reproduce: 1. setup an appliance with 5.3.x 2. configure external authentication 3. run "yum update" Actual results: external authentication doesn't work anymore Expected results: should still work Additional info: I found out that the modifications in the following files get reset during the upgrade: /etc/httpd/conf.d/cfme-https-application.conf Here is the diff before and after "yum update": --- cfme-https-application.conf-after-upgrade 2015-01-27 20:23:59.286444537 +0100 +++ cfme-https-application.conf-before-ugprade 2015-01-27 20:23:43.049444565 +0100 @@ -1,4 +1,6 @@ ## CFME SSL Virtual Host Context +Include conf.d/cfme-external-auth + <VirtualHost *:443> @@ -8,6 +10,14 @@ Include conf.d/cfme-redirects-ui ProxyPreserveHost on RequestHeader set X_FORWARDED_PROTO 'https' +RequestHeader unset X_REMOTE_USER +RequestHeader set X_REMOTE_USER %{REMOTE_USER}e env=REMOTE_USER +RequestHeader set X_EXTERNAL_AUTH_ERROR %{EXTERNAL_AUTH_ERROR}e env=EXTERNAL_AUTH_ERROR +RequestHeader set X_REMOTE_USER_EMAIL %{REMOTE_USER_EMAIL}e env=REMOTE_USER_EMAIL +RequestHeader set X_REMOTE_USER_FIRSTNAME %{REMOTE_USER_FIRSTNAME}e env=REMOTE_USER_FIRSTNAME +RequestHeader set X_REMOTE_USER_LASTNAME %{REMOTE_USER_LASTNAME}e env=REMOTE_USER_LASTNAME +RequestHeader set X_REMOTE_USER_FULLNAME %{REMOTE_USER_FULLNAME}e env=REMOTE_USER_FULLNAME +RequestHeader set X_REMOTE_USER_GROUPS %{REMOTE_USER_GROUPS}e env=REMOTE_USER_GROUPS ErrorLog /var/www/miq/vmdb/log/apache/ssl_error.log TransferLog /var/www/miq/vmdb/log/apache/ssl_access.log