Bug 1403678

Summary: Cannot login using using @redhat.com address
Product: [Community] Bugzilla Reporter: Petr Lautrbach <plautrba>
Component: Bugzilla GeneralAssignee: PnT DevOps Devs <hss-ied-bugs>
Status: CLOSED NOTABUG QA Contact: tools-bugs <tools-bugs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 5.0CC: dgilbert, hcsomort, huiwang, jbastian, qgong, rbriggs
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-01-13 05:44:56 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Petr Lautrbach 2016-12-12 07:21:56 UTC 
Description of problem:

I try to login to https://beta.bugzilla.redhat.com/bugzilla/ using 'Red Hat Associate' button or with password and both fail on:


The IDP's reply failed validation: Crypt::OpenSSL::VerifyX509::verify: x509 is not of type Crypt::OpenSSL::X509 at /usr/share/perl5/vendor_perl/Net/SAML2/Binding/POST.pm line 67. .
Comment 1 Hunor Csomortáni 2016-12-12 09:13:41 UTC 
Same here.

Running Fedora 24 with the latest updates and using Google Chrome 55.0.2883.75 (64-bit)
Comment 2 Richard Guy Briggs 2016-12-12 09:34:17 UTC 
Same here.  When I try to manually enter @redhat.com address with password (rather than the Associate login button) I get a "url too long" error.
Comment 3 Jeff Fearn 🐞 2016-12-12 22:30:36 UTC 
At the top of every page there is a big blue box, the second line in that box is:

The Red Hat Associate (RHA) IDP is currently not functioning

where "currently not functioning" is bold.

We are waiting for the IDM team to reimport the metadata to fix this. 

FYI It's my fault, we had to change the URL path to avoid production cookies being sent to the beta sub domain, which broke SSO :-( We didn't have time to wait for it to be fixed due to time constraints.
Comment 4 Jeff Fearn 🐞 2016-12-12 22:31:34 UTC 
(In reply to Richard Guy Briggs from comment #2)
> Same here.  When I try to manually enter @redhat.com address with password
> (rather than the Associate login button) I get a "url too long" error.

I wonder if part of the SSO data is still in the URL? Can you click the home link and then try to login?
Comment 5 Richard Guy Briggs 2016-12-13 03:56:10 UTC 
(In reply to Jeff Fearn from comment #4)
> (In reply to Richard Guy Briggs from comment #2)
> > Same here.  When I try to manually enter @redhat.com address with password
> > (rather than the Associate login button) I get a "url too long" error.
> 
> I wonder if part of the SSO data is still in the URL? Can you click the home
> link and then try to login?

Ok, starting from "beta.bugzilla.redhat.com", then clicking "home", "login", then "bugzilla account" with my account name and password did work this time.
Comment 6 Richard Guy Briggs 2016-12-13 03:59:42 UTC 
Once logged in and looking at a valid bug (1379453), all the redhat icons next to account names obscure and overlap the end of the link text on smaller font sizes.
Comment 7 Jeff Fearn 🐞 2017-01-13 05:44:56 UTC 
There is another Bug 1409653 for dirty URLs affecting logins, other than that SSO is working fine..