Bug 1993078

Summary: Enable Auth config for ironic-api
Product: OpenShift Container Platform Reporter: Derek Higgins <derekh>
Component: Bare Metal Hardware ProvisioningAssignee: Derek Higgins <derekh>
Bare Metal Hardware Provisioning sub component: ironic QA Contact: Adina Wolff <awolff>
Status: CLOSED ERRATA Docs Contact:
Severity: high    
Priority: high CC: rbartal
Version: 4.9Keywords: Triaged
Target Milestone: ---   
Target Release: 4.9.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-10-18 17:46:09 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Derek Higgins 2021-08-12 10:35:50 UTC 
Auth was removed from ironic API in favour of doing
it in httpd (as part of a switch to wsgi). The switch to
wsgi hasn't happened so we need to restore auth here.
Comment 3 Adina Wolff 2021-08-18 06:55:31 UTC 
Fix was verified

IPV4, OCP version 4.9.0-0.nightly-2021-08-16-154237
[kni@provisionhost-0-0 ~]$ curl -I https://172.22.0.3:6385/v1/nodes -X get  --insecure
HTTP/1.1 401 Unauthorized
Www-Authenticate: Basic realm="Baremetal API"
Content-Type: application/json
Content-Length: 57
Date: Tue, 17 Aug 2021 12:10:19 GMT


IPV6, OCP version 4.9.0-0.nightly-2021-08-16-082143

[kni@provisionhost-0-0 ~]$ curl https://[fd00:1101:0:1::3]:6385/v1/nodes -X get  --insecure
{"error":{"message":"Authorization required","code":401}}[kni@provisionhost-0-0 ~]$
Comment 6 errata-xmlrpc 2021-10-18 17:46:09 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:3759