Bug 1330742 - [AAA] After AAA configuration, users unable to login via scripts
Summary: [AAA] After AAA configuration, users unable to login via scripts
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine
Version: 3.6.0
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ovirt-3.6.6
: 3.6.6
Assignee: Ondra Machacek
QA Contact: Gonza
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-04-26 20:44 UTC by Anitha Udgiri
Modified: 2019-11-14 07:53 UTC (History)
12 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-05-25 12:08:36 UTC
oVirt Team: Infra
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2016:1119 0 normal SHIPPED_LIVE Red Hat Enterprise Virtualization Manager (rhevm) bug fix 3.6.6 2016-05-25 16:07:50 UTC
oVirt gerrit 56693 0 ovirt-engine-3.6 MERGED aaa: run mapUser before authentication in REST 2020-09-24 21:08:43 UTC

Description Anitha Udgiri 2016-04-26 20:44:57 UTC
Created attachment 1151069 [details]
script used

Description of problem:
When using REST API after moving to using AAA plugin for user integration, users are unable to login via the scripts.

The following error is logged :

2016-04-21 07:44:59,076 ERROR [org.ovirt.engine.core.aaa.filters.BasicAuthenticationFilter] (ajp-/127.0.0.1:8702-8) User <abcde> authentication failed. profile is <xyz> Invocation Result code is 0. Authn result code is CREDENTIALS_INCORRECT
2016-04-21 07:45:11,058 ERROR [org.ovirt.engine.core.aaa.filters.BasicAuthenticationFilter] (ajp-/127.0.0.1:8702-3) User <abcde> authentication failed. profile is <xyz> Invocation Result code is 0. Authn result code is CREDENTIALS_INCORRECT

Comment 6 Martin Perina 2016-05-02 11:39:24 UTC
Changing component to ovirt-engine, because engine part needs to be fixed, aaa-* extension part if OK.

Comment 7 Gonza 2016-05-10 08:59:06 UTC
Verified with:
rhevm-3.6.6.2-0.1.el6.noarch
rhevm-restapi-3.6.6.2-0.1.el6.noarch

User is able to login via REST API with mapping set to default suffix.

Comment 9 errata-xmlrpc 2016-05-25 12:08:36 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-1119.html


Note You need to log in before you can comment on or make changes to this bug.