Bug 1373432

Summary: Second deployment with the same manifest: "Katello::HttpErrors::Unauthorized: Customer portal credentials are required."
Product: Red Hat Quickstart Cloud Installer Reporter: Antonin Pagac <apagac>
Component: WebUIAssignee: Jesus M. Rodriguez <jesusr>
Status: CLOSED ERRATA QA Contact: Tasos Papaioannou <tpapaioa>
Severity: low Docs Contact:
Priority: unspecified    
Version: 1.0CC: kdube, tpapaioa, tsanders
Target Milestone: ---Keywords: Triaged
Target Release: 1.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-02-28 01:39:16 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Antonin Pagac 2016-09-06 09:26:49 UTC 
Description of problem:
When doing a second deployment with the same manifest as used in the first one, there is an error in the production.log:

"2016-09-06 05:12:04 [app] [E] Katello::HttpErrors::Unauthorized: Customer portal credentials are required.  Please provide them using login."

and a traceback.
Deployment is able to continue and content sync completes successfully.

Version-Release number of selected component (if applicable):
QCI-1.0-RHEL-7-20160902.5
QCIOOO-8.0-RHEL-7-20160902.1

How reproducible:
Noticed once, probably reproducible

Steps to Reproduce:
1. Do first deployment; delete the deployment; clean up Satellite
2. Do second deployment with the same manifest
3. An error appears in production.log

Actual results:
Error with traceback in production.log

Expected results:
No error in production.log

Additional info:
Comment 3 Jesus M. Rodriguez 2016-09-09 20:48:40 UTC 
The second deployment has a cached value that it tries to verify is still valid
by hitting an api on the backend server. The original api would throw an
unauthorized error if the portal credentials were not stored on the backend
session. This caused the backend to log an error making it seem like things
failed.

In reality, it was working as expected, the UI checked to see if we were
logged into the portal. Backened responed with an error message, the UI then set
their cached value of isAuthenticated to false.

This behavior while working as expected resulted in a really ugly log message
and an inefficient call.

SOLUTION:
Add an is_authenticated route on the backend so the UI can check to see if the
credentials are stored in the session, thus validating their credentials are
still active. The new api will return true or false. No error message is logged.
Comment 4 Jesus M. Rodriguez 2016-09-09 20:48:50 UTC 
https://github.com/fusor/fusor/pull/1224
Comment 5 Tasos Papaioannou 2016-10-05 19:18:08 UTC 
Verified on QCI-1.1-RHEL-7-20161004.t.0.
Comment 8 errata-xmlrpc 2017-02-28 01:39:16 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:0335