Bug 1664435
| Summary: | Error instantiating class for challenge_password with SCEP request | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Rob Crittenden <rcritten> | ||||
| Component: | pki-core | Assignee: | Christina Fu <cfu> | ||||
| Status: | CLOSED ERRATA | QA Contact: | PKI QE <bugzilla-pkiqe> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 8.1 | CC: | aakkiang, alee, cfu, dennis, edewata, extras-orphan, gswami, it.darbs, mharmsen, skhandel | ||||
| Target Milestone: | rc | Keywords: | Regression, Triaged | ||||
| Target Release: | 8.4 | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | pki-core-10.6-8040020210209003343.d4d99205 | Doc Type: | If docs needed, set a value | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2021-05-18 15:25:13 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
|
Description
Rob Crittenden
2019-01-08 19:09:03 UTC
Created attachment 1519264 [details]
debug log showing full request
This message is a reminder that Fedora 28 is nearing its end of life. On 2019-May-28 Fedora will stop maintaining and issuing updates for Fedora 28. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '28'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 28 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. I have the same issue. Fedora 29. pki-server-10.8.0-0.1.fc30.noarch Is there a chance for sorting it out ? This message is a reminder that Fedora 29 is nearing its end of life. Fedora will stop maintaining and issuing updates for Fedora 29 on 2019-11-26. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '29'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 29 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. Still reproducible in F30 with pki-ca-10.7.3-3.fc30.noarch Some people have inquired about enabling SCEP on an IPA master and is failure a blocker for that. This message is a reminder that Fedora 31 is nearing its end of life. Fedora will stop maintaining and issuing updates for Fedora 31 on 2020-11-24. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '31'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 31 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. Still occurring with pki-ca-10.10.0-0.2.beta1.20201023203338UTC.42ab987a.fc32 I ran into this too. This might have to do with how PKCS10Attribute was moved from pki netscape.security.pkcs.PKCS10Attributes into jss org.mozilla.jss.netscape.security.pkcs.PKCS10Attributes However, oddly, I received PRs for review in the SCEP area for the master branch in just 3 months ago... that makes me wonder how the person not run into this. We'll investigate. OK, I think we just need to move ChallengePassword.java into JSS. Looks straightforward enough. Let's see if Alex wants to do that for us ;-)... (In reply to Christina Fu from comment #10) > OK, I think we just need to move ChallengePassword.java into JSS. Looks > straightforward enough. > Let's see if Alex wants to do that for us ;-)... I could fix the pki side of the code if Alex could provide ChallengePassword in JSS. Thanks! commit f667467785b1c27fe0721d8d16b72fddc331b76a (HEAD -> master, origin/master, origin/HEAD)
Author: Christina Fu <cfu>
Date: Wed Dec 16 18:53:31 2020 -0800
Bug1664435-SCEP ChallengePassword Class not found
This patch, together with the fix for "Bug1908541 jss broke SCEP - missing PasswordChallenge class", addresses the issue where the class PasswordChallenge cannot be loaded due to Class Loader differences.
jss is installed in the common CL (/usr/share/pki/server/common/lib/jss4.jar)
the servlet classes are in webapp CL (/usr/share/pki/server/webapps/pki/WEB-INF/lib/pki-cms.jar)
In addition, this patch adds the upgrade sscript for the new path of ChallengePassword class which has been moved from pki into JSS.
fixes https://bugzilla.redhat.com/show_bug.cgi?id=1664435
Moved to RHEL. Fedora users: this will be addressed in the upcoming PKI release. Additional fix for v10.10 branch: * https://github.com/dogtagpki/pki/commit/042e2b704d27924590b86d776fae19b4eb65fa19 Verified the BZ on Nightly compose with following RHEL bits: pki-ca noarch 10.10.4-1.module+el8.4.0+9861+7cddd5b6 RHEL8.4-Appstream 1.0 M pki-kra noarch 10.10.4-1.module+el8.4.0+9861+7cddd5b6 RHEL8.4-Appstream 203 k jss x86_64 4.8.1-1.module+el8.4.0+9456+88377f87 RHEL8.4-Appstream 1.2 M Successful pipeline execution: test_pki_ca_scep_enrollment_bz_1664435_1908541: https://gitlab.cee.redhat.com/skhandel/pki-pytest-ansible/-/jobs/2990983 Marking the BZ verified. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:1775 |