Bug 912013

Summary: Register should not succeed with existing consumer ID using different username and password
Product: [Retired] Subscription Asset Manager Reporter: qianzhan
Component: candlepinAssignee: Tom McKay <tomckay>
Status: CLOSED NOTABUG QA Contact: SAM QE List <sam-qe-list>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 1.3CC: gxing, liliu, qianzhan, sclewis, sgao, shihliu, tomckay
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-07-15 16:24:49 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 833466    
Attachments:
Description Flags
rhsm.log file none

Description qianzhan 2013-02-17 08:35:32 UTC 
Created attachment 698457 [details]
rhsm.log file

Description of problem:
Register should not succeed with existing consumer ID using different username and password

Version-Release number of selected component (if applicable):
Test client:
python-rhsm-1.1.8-1.el6.x86_64
subscription-manager-1.1.23-1.el6.x86_64
subscription-manager-firstboot-1.1.23-1.el6.x86_64
subscription-manager-gui-1.1.23-1.el6.x86_64

SAM Server:
katello-candlepin-cert-key-pair-1.0-1.noarch
katello-certs-tools-1.2.1-1h.el6_3.noarch
katello-cli-1.2.1-12h.el6_3.noarch
katello-cli-common-1.2.1-12h.el6_3.noarch
katello-common-1.2.1-15h.el6_3.noarch
katello-configure-1.2.3-3h.el6_3.noarch
katello-glue-candlepin-1.2.1-15h.el6_3.noarch
katello-headpin-1.2.1-15h.el6_3.noarch
katello-headpin-all-1.2.1-15h.el6_3.noarch
katello-selinux-1.2.1-2h.el6_3.noarch
candlepin-0.7.23-1.el6_3.noarch
candlepin-tomcat6-0.7.23-1.el6_3.noarch
thumbslug-0.0.28-1.el6_3.noarch
thumbslug-selinux-0.0.28-1.el6_3.noarch

How reproducible:
always

Steps to Reproduce:
1. config test client to register to SAM
[root@dhcp-65-26 ~]# cat /etc/rhsm/rhsm.conf
hostname = samserv.redhat.com   ---> IP:10.66.12.203
baseurl=https://samserv.redhat.com:8088
ca_cert_dir = /etc/rhsm/ca/
repo_ca_cert = %(ca_cert_dir)scandlepin-local.pem

2.Register to SAM with an account, and record the consumerID:
[root@dhcp-65-26 ~]# subscription-manager register --username=test --password=***
The system has been registered with id: 3f46e9c6-4f59-4cce-8818-f718a0d4b316

3.Check if the registeration in step 2 is successful:
[root@dhcp-65-26 ~]# subscription-manager identity
Current identity is: 3f46e9c6-4f59-4cce-8818-f718a0d4b316
name: dhcp-65-26.nay.redhat.com
org name: ACME_Corporation
org id: ACME_Corporation

4.Clean the client data:
[root@dhcp-65-26 ~]# subscription-manager clean
All local data removed

5.Check if step 4 is successful:
[root@dhcp-65-26 ~]# subscription-manager identity
This system is not yet registered. Try 'subscription-manager register --help' for more information.

6.Re-register to SAM using the recorded consumer ID and another different account:
[root@dhcp-65-26 ~]# subscription-manager register --username=admin --password=*** --consumerid=3f46e9c6-4f59-4cce-8818-f718a0d4b316


Actual results:
After the step 6, register successfully with existing consumer ID using different username and password, the output is as below:
The system has been registered with id: 3f46e9c6-4f59-4cce-8818-f718a0d4b316 

Expected results:
After the step 6, it should not be successful to register with existing consumer ID using different username and password, and the output should be as below:
invalid username or password.

Additional info:
attached is the rhsm.log file.
Comment 1 Scott Lewis 2013-02-25 15:51:08 UTC 
Moving to appropriate release bucket
Comment 2 Tom McKay 2013-07-15 16:17:45 UTC 
If the second user has register permissions that allow them to register a system in the same org/environment as the original, then this should absolutely work as described below as that is the intention of the command functionality.