Bug 1236375 - Storage should allow at least 256 character long usernames and passwords
Summary: Storage should allow at least 256 character long usernames and passwords
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine
Version: 3.6.0
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ovirt-3.6.0-rc
: 3.6.0
Assignee: Tal Nisan
QA Contact: Kevin Alon Goldblatt
URL:
Whiteboard:
Depends On: 1234100
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-06-28 11:15 UTC by Allon Mureinik
Modified: 2016-03-10 12:01 UTC (History)
14 users (show)

Fixed In Version: 3.6.0-4_alpha3
Doc Type: Bug Fix
Doc Text:
Previously, the database schema did not allow user names or passwords of more than 50 characters for storage resources. Now, user names and passwords of an indefinite length are allowed.
Clone Of: 1234100
Environment:
Last Closed:
oVirt Team: Storage
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
engine, vdsm, server logs (473.21 KB, application/x-gzip)
2015-08-20 15:25 UTC, Kevin Alon Goldblatt 		no flags Details
View All


Links
System ID Private Priority Status Summary Last Updated
oVirt gerrit 42933 0 None None None Never
oVirt gerrit 42934 0 None None None Never
oVirt gerrit 43729 0 None None None Never

Description Allon Mureinik 2015-06-28 11:15:37 UTC 
+++ This bug was initially created as a clone of Bug #1234100 +++

Description of problem:
We currently allow the storage (e.g. iSCSI) username length to be of 50 characters long or less.
Storage appliances exist that support 256 character long usernames, and generally there is no defined limit for the username and password length in CHAP specification.

Version-Release number of selected component (if applicable):
N/A

How reproducible:
100%

Actual results:
Username and password are limited to 50 characters.

Expected results:
Username and password should support longer values e.g. at least 256 characters.

Additional info:
http://docs.qnap.com/nas/4.1/SMB/en/index.html?iscsi_storage.htm

--- Additional comment from Allon Mureinik on 2015-06-22 10:28:44 IDT ---

Agreed, should be handled in a similar fashion to bug 1052839.
-------------------------------------------------------------------------
This is a RHEV clone so RHEV's documentation can pick up the same doctext.
Comment 1 Allon Mureinik 2015-07-16 16:42:27 UTC 
Change 43729 is also required for this BZ, returning to MODIFIED.
Comment 2 Kevin Alon Goldblatt 2015-08-20 15:15:32 UTC 
Tested using the following version:
----------------------------------------------------------------
rhevm-3.6.0-0.11.master.el6.noarch - running on Rhel6.7
vdsm-4.17.2-1.el7ev.noarch - running on Rhel7.2

Tested using the following steps:
-----------------------------------
1. Created a username and password of 63 chars on the Extreme I/O
2. Tried to log in and failed
3. Change to username of 3 chars and password of 12 chars - Login was successful


Moving to ASSIGN


2015-08-20 17:51:35,736 INFO  [org.ovirt.engine.core.vdsbroker.vdsbroker.DiscoverSendTargetsVDSCommand] (ajp-/127.0.0.1:8702-3) [] START, DiscoverSendTargetsVDSCommand(HostName = level1_vm01, DiscoverSendTargetsVDSCommandParameters:{runA
sync='true', hostId='22e9edd5-fa6a-49b0-b875-625143058955', connection='StorageServerConnections:{id='null', connection='10.35.146.129', iqn='null', vfsType='null', mountOptions='null', nfsVersion='null', nfsRetrans='null', nfsTimeo='nul
l', iface='null', netIfaceName='null'}'}), log id: 4b1b2718
2015-08-20 17:51:35,852 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp-/127.0.0.1:8702-3) [] Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: VDSM level1_vm01 command failed: Failed discovery of iSCSI targets: "portal=IscsiPortal(hostname=u'10.35.146.129', port=3260), err=(24, [], ['iscsiadm: Login failed to authenticate with target ', 'iscsiadm: discovery login to 10.35.146.129 rejected: initiator failed authorization', '', 'iscsiadm: Could not perform SendTargets discovery: iSCSI login failed due to authorization failure'])"
2015-08-20 17:51:35,853 INFO  [org.ovirt.engine.core.vdsbroker.vdsbroker.DiscoverSendTargetsVDSCommand] (ajp-/127.0.0.1:8702-3) [] Command 'org.ovirt.engine.core.vdsbroker.vdsbroker.DiscoverSendTargetsVDSCommand' return value 'IQNListReturnForXmlRpc:{status='StatusForXmlRpc [code=475, message=Failed discovery of iSCSI targets: "portal=IscsiPortal(hostname=u'10.35.146.129', port=3260), err=(24, [], ['iscsiadm: Login failed to authenticate with target ', 'iscsiadm: discovery login to 10.35.146.129 rejected: initiator failed authorization', '', 'iscsiadm: Could not perform SendTargets discovery: iSCSI login failed due to authorization failure'])"]'}'
2015-08-20 17:51:35,853 INFO  [org.ovirt.engine.core.vdsbroker.vdsbroker.DiscoverSendTargetsVDSCommand] (ajp-/127.0.0.1:8702-3) [] HostName = level1_vm01
2015-08-20 17:51:35,853 ERROR [org.ovirt.engine.core.vdsbroker.vdsbroker.DiscoverSendTargetsVDSCommand] (ajp-/127.0.0.1:8702-3) [] Command 'DiscoverSendTargetsVDSCommand(HostName = level1_vm01, DiscoverSendTargetsVDSCommandParameters:{runAsync='true', hostId='22e9edd5-fa6a-49b0-b875-625143058955', connection='StorageServerConnections:{id='null', connection='10.35.146.129', iqn='null', vfsType='null', mountOptions='null', nfsVersion='null', nfsRetrans='null', nfsTimeo='null', iface='null', netIfaceName='null'}'})' execution failed: VDSGenericException: VDSErrorException: Failed in vdscommand to DiscoverSendTargetsVDS, error = Failed discovery of iSCSI targets: "portal=IscsiPortal(hostname=u'10.35.146.129', port=3260), err=(24, [], ['iscsiadm: Login failed to authenticate with target ', 'iscsiadm: discovery login to 10.35.146.129 rejected: initiator failed authorization', '', 'iscsiadm: Could not perform SendTargets discovery: iSCSI login failed due to authorization failure'])"
2015-08-20 17:51:35,853 INFO  [org.ovirt.engine.core.vdsbroker.vdsbroker.DiscoverSendTargetsVDSCommand] (ajp-/127.0.0.1:8702-3) [] FINISH, DiscoverSendTargetsVDSCommand, log id: 4b1b2718
2015-08-20 17:51:35,853 ERROR [org.ovirt.engine.core.bll.storage.DiscoverSendTargetsQuery] (ajp-/127.0.0.1:8702-3) [] Query 'DiscoverSendTargetsQuery' failed: EngineException: org.ovirt.engine.core.vdsbroker.vdsbroker.VDSErrorException: VDSGenericException: VDSErrorException: Failed in vdscommand to DiscoverSendTargetsVDS, error = Failed discovery of iSCSI targets: "portal=IscsiPortal(hostname=u'10.35.146.129', port=3260), err=(24, [], ['iscsiadm: Login failed to authenticate with target ', 'iscsiadm: discovery login to 10.35.146.129 rejected: initiator failed authorization', '', 'iscsiadm: Could not perform SendTargets discovery: iSCSI login failed due to authorization failure'])" (Failed with error iSCSIDiscoveryError and code 475)
2015-08-20 17:51:35,853 ERROR [org.ovirt.engine.core.bll.storage.DiscoverSendTargetsQuery] (ajp-/127.0.0.1:8702-3) [] Exception: org.ovirt.engine.core.common.errors.EngineException: EngineException: org.ovirt.engine.core.vdsbroker.vdsbroker.VDSErrorException: VDSGenericException: VDSErrorException: Failed in vdscommand to DiscoverSendTargetsVDS, error = Failed discovery of iSCSI targets: "portal=IscsiPortal(hostname=u'10.35.146.129', port=3260), err=(24, [], ['iscsiadm: Login failed to authenticate with target ', 'iscsiadm: discovery login to 10.35.146.129 rejected: initiator failed authorization', '', 'iscsiadm: Could not perform SendTargets discovery: iSCSI login failed due to authorization failure'])" (Failed with error iSCSIDiscoveryError and code 475)
        at org.ovirt.engine.core.bll.VdsHandler.handleVdsResult(VdsHandler.java:112) [bll.jar:]
        at org.ovirt.engine.core.bll.VDSBrokerFrontendImpl.RunVdsCommand(VDSBrokerFrontendImpl.java:33) [bll.jar:]
        at org.ovirt.engine.core.bll.storage.DiscoverSendTargetsQuery.executeQueryCommand(DiscoverSendTargetsQuery.java:16) [bll.jar:]
        at org.ovirt.engine.core.bll.QueriesCommandBase.executeCommand(QueriesCommandBase.java:82) [bll.jar:]
        at org.ovirt.engine.core.dal.VdcCommandBase.execute(VdcCommandBase.java:33) [dal.jar:]
        at org.ovirt.engine.core.bll.Backend.runQueryImpl(Backend.java:537) [bll.jar:]
        at org.ovirt.engine.core.bll.Backend.runQuery(Backend.java:511) [bll.jar:]
        at sun.reflect.GeneratedMethodAccessor48.invoke(Unknown Source) [:1.8.0_51]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.8.0_51]
        at java.lang.reflect.Method.invoke(Method.java:497) [rt.jar:1.8.0_51]
        at org.jboss.as.ee.component.ManagedReferenceMethodInterceptor.processInvocation(ManagedReferenceMethodInterceptor.java:52) [jboss-as-ee.jar:7.5.3.Final-redhat-2]
        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation.jar:1.1.2.Final-redhat-1]
        at org.jboss.invocation.WeavedInterceptor.processInvocation(WeavedInterceptor.java:53) [jboss-invocation.jar:1.1.2.Final-redhat-1]
        at org.jboss.as.ee.component.interceptors.UserInterceptorFactory$1.processInvocation(UserInterceptorFactory.java:63) [jboss-as-ee.jar:7.5.3.Final-redhat-2]
        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation.jar:1.1.2.Final-redhat-1]
        at org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:374) [jboss-invocation.jar:1.1.2.Final-redhat-1]
        at org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.delegateInterception(Jsr299BindingsInterceptor.java:74) [jboss-as-weld.jar:7.5.3.Final-redhat-2]
        at org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.doMethodInterception(Jsr299BindingsInterceptor.java:84) [jboss-as-weld.jar:7.5.3.Final-redhat-2]
        at org.jboss.as.weld.ejb.Jsr299BindingsInterceptor.processInvocation(Jsr299BindingsInterceptor.java:97) [jboss-as-weld.jar:7.5.3.Final-redhat-2]
        at org.jboss.as.ee.component.interceptors.UserInterceptorFactory$1.processInvocation(UserInterceptorFactory.java:63) [jboss-as-ee.jar:7.5.3.Final-redhat-2]
        at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288) [jboss-invocation.jar:1.1.2.Final-redhat-1]
        at org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:374) [jboss-invocation.jar:1.1.2.Final-redhat-1]
        at org.ovirt.engine.core.bll.interceptors.CorrelationIdTrackerInterceptor.aroundInvoke(CorrelationIdTrackerInterceptor.java:13) [bll.jar:]
Comment 3 Kevin Alon Goldblatt 2015-08-20 15:25:24 UTC 
Created attachment 1065307 [details]
engine, vdsm, server logs

Added logs
Comment 4 Allon Mureinik 2015-08-20 15:47:09 UTC 
The error:
login to 10.35.146.129 rejected: initiator failed authorization

Are you sure you entered this LONG password properly?
Comment 6 Allon Mureinik 2016-03-10 10:39:12 UTC 
RHEV 3.6.0 has been released, setting status to CLOSED CURRENTRELEASE
Comment 7 Allon Mureinik 2016-03-10 10:39:17 UTC 
RHEV 3.6.0 has been released, setting status to CLOSED CURRENTRELEASE
Comment 8 Allon Mureinik 2016-03-10 10:45:03 UTC 
RHEV 3.6.0 has been released, setting status to CLOSED CURRENTRELEASE
Comment 9 Allon Mureinik 2016-03-10 12:01:42 UTC 
RHEV 3.6.0 has been released, setting status to CLOSED CURRENTRELEASE
Note You need to log in before you can comment on or make changes to this bug.