Bug 789770

Summary: USER_IS_ALREADY_LOGGED_IN after failed command
Product: Red Hat Enterprise Virtualization Manager Reporter: Floris <bos>
Component: ovirt-engine-restapiAssignee: Ori Liel <oliel>
Status: CLOSED WORKSFORME QA Contact: Ilanit Stein <istein>
Severity: high Docs Contact:
Priority: high    
Version: 3.1.0CC: acathrow, bazulay, dyasny, ecohen, iheim, mpastern, oramraz, Rhev-m-bugs, ykaul
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: infra
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-07-26 07:36:54 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Attachments:
Description Flags
Data sent and received to reproduce none

Description Floris 2012-02-12 22:15:15 UTC 
It seems that if an API command fails (e.g. because you used the invalid syntax), the command that comes right after it fails as well with an "401 Unauthorized" HTTP error.
Subsequent commands do work properly again.


oVirt log seems to suggest the user is already logged in.
Perhaps it did not log out properly after the error?

==
2012-02-12 20:46:13,085 WARN  [org.ovirt.engine.core.bll.LoginAdminUserCommand] (http--0.0.0.0-8080-1) CanDoAction of action LoginAdminUser failed. Reasons:USER_IS_ALREADY_LOGGED_IN
2012-02-12 20:46:13,086 INFO  [org.ovirt.engine.api.restapi.security.auth.LoginValidator] (http--0.0.0.0-8080-1) Login failure, user: admin domain: internal reason: [USER_IS_ALREADY_LOGGED_IN]
==
Comment 6 Ori Liel 2012-07-15 12:29:51 UTC 
Floris, can you please give some more information about how to reproduce this bug? 

I wrote a shell script with two consecutive curl commands. The first is update with bad syntax, the second is update with good syntax. The commands are executed sequentially, one right after the other. The first one fails with SAX exception (due to the bad syntax), but the second one succeeds; I do not see the "user still logged-in" issue.
Comment 7 Floris 2012-07-15 13:43:57 UTC 
Created attachment 598308 [details]
Data sent and received to reproduce

Issue occurs when you trying to create a new VM (POST /api/vms), and having a syntax error there.
See attached.
Comment 9 Ori Liel 2012-07-18 07:28:59 UTC 
Thanks for the log. I updated my curl script to execute the same commands that you've sent. However, the second command still works fine. 

Contents of script curl_commands.sh: 

#First request:
#---------------
echo '<vmSYNTAXERROR><name></name><cluster id="test"/><template><name>Blank</name></template><memory>805306368</memory><os><boot dev="hd"/></os><display><type>vnc</type></display></vm>' | curl -v -u "admin@internal":letmein! -H "Content-type:application/xml" 'http://localhost:8080/api/vms' -X POST -T -

#Second request:
#--------------
curl -v -u "admin@internal":letmein! -H "Content-type:application/xml" 'http://localhost:8080/api/networks' -X GET


What did you use to send the http requests (curl?)

Ori
Comment 10 Floris 2012-07-18 12:52:50 UTC 
>What did you use to send the http requests (curl?)

PHP Zend framework HTTP classes
Log was created with Wireshark. So I'm certain what it sends is correct.


Also my requests are done from another server, not localhost. Not sure if that might affect your login session restrictions.
Comment 13 Ori Liel 2012-07-26 07:36:54 UTC 
I tried from a remote computer as well (reply to comment 10), and the problem still didn't reproduce.

I can't fix without reproducing, so I'm closing the bug. Maybe one day it will resurface in a way that will allow reproducing it.