1330742 – [AAA] After AAA configuration, users unable to login via scripts

Bug 1330742 - [AAA] After AAA configuration, users unable to login via scripts

Summary: [AAA] After AAA configuration, users unable to login via scripts

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Virtualization Manager
Classification:	Red Hat
Component:	ovirt-engine
Sub Component:
Version:	3.6.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	ovirt-3.6.6
Target Release:	3.6.6
Assignee:	Ondra Machacek
QA Contact:	Gonza
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2016-04-26 20:44 UTC by Anitha Udgiri
Modified:	2019-11-14 07:53 UTC (History)
CC List:	12 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-05-25 12:08:36 UTC
oVirt Team:	Infra
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2016:1119	0	normal	SHIPPED_LIVE	Red Hat Enterprise Virtualization Manager (rhevm) bug fix 3.6.6	2016-05-25 16:07:50 UTC
oVirt gerrit	56693	0	ovirt-engine-3.6	MERGED	aaa: run mapUser before authentication in REST	2020-09-24 21:08:43 UTC

Description Anitha Udgiri 2016-04-26 20:44:57 UTC

Created attachment 1151069 [details]
script used

Description of problem:
When using REST API after moving to using AAA plugin for user integration, users are unable to login via the scripts.

The following error is logged :

2016-04-21 07:44:59,076 ERROR [org.ovirt.engine.core.aaa.filters.BasicAuthenticationFilter] (ajp-/127.0.0.1:8702-8) User <abcde> authentication failed. profile is <xyz> Invocation Result code is 0. Authn result code is CREDENTIALS_INCORRECT
2016-04-21 07:45:11,058 ERROR [org.ovirt.engine.core.aaa.filters.BasicAuthenticationFilter] (ajp-/127.0.0.1:8702-3) User <abcde> authentication failed. profile is <xyz> Invocation Result code is 0. Authn result code is CREDENTIALS_INCORRECT

Comment 6 Martin Perina 2016-05-02 11:39:24 UTC

Changing component to ovirt-engine, because engine part needs to be fixed, aaa-* extension part if OK.

Comment 7 Gonza 2016-05-10 08:59:06 UTC

Verified with:
rhevm-3.6.6.2-0.1.el6.noarch
rhevm-restapi-3.6.6.2-0.1.el6.noarch

User is able to login via REST API with mapping set to default suffix.

Comment 9 errata-xmlrpc 2016-05-25 12:08:36 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-1119.html

Note You need to log in before you can comment on or make changes to this bug.