Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1388083 - Use mod_auth_gssapi and mod_session instead of mod_auth_kerb for Kerberos SSO
Use mod_auth_gssapi and mod_session instead of mod_auth_kerb for Kerberos SSO
Status: CLOSED ERRATA
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine-extension-aaa-ldap (Show other bugs)
unspecified
Unspecified Unspecified
high Severity medium
: ovirt-4.0.5
: 4.0.5
Assigned To: Martin Perina
Gonza
: ZStream
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2016-10-24 08:13 EDT by Martin Perina
Modified: 2016-11-16 10:32 EST (History)
10 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Red Hat Enterprise Linux 6 used mod_auth_kerb to setup Kerberos SSO, but this module has been deprecated; mod_auth_gssapi is used instead. This update ensures mod_auth_gssapi and mod_session is used, and that example configurations have been updated. For existing customers, mod_auth_kerb will continue to work with previous versions of Red Hat Enterprise Virtualization.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-11-16 10:32:23 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: Infra
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
oVirt gerrit 65682 None None None 2016-10-24 08:41 EDT
Red Hat Product Errata RHEA-2016:2798 normal SHIPPED_LIVE ovirt-engine-extension-aaa-ldap bug fix and enhancement update for RHV 4.0.5 2016-11-16 15:29:00 EST

  None (edit)
Description Martin Perina 2016-10-24 08:13:40 EDT 
Description of problem:

On EL6 we have used mod_auth_kerb to setup Kerberos SSO, but this module is no longer developed and it's proposed to use mod_auth_gssapi instead. So for new installation we propose to use mod_auth_gssapi along with mod_session and we need to update examples configurations which are used and documented by BZ1368452.

Existing customers don't need to change anything, mod_auth_kerb will continue to work as in previous RHV releases.


Version-Release number of selected component (if applicable):

RHV 4.0

How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 2 Martin Perina 2016-10-31 06:54:35 EDT 
Fix is contained in ovirt-engine-extension-aaa-ldap-1.2.2 package
Comment 3 Martin Perina 2016-10-31 07:11:32 EDT 
Moving back to MODIFIED, we need to include new package into 4.0.5 release
Comment 5 Gonza 2016-11-07 07:09:06 EST 
Verified with:
rhevm-4.0.5.5-0.1.el7ev.noarch
mod_session-2.4.6-40.el7_2.4.x86_64
mod_auth_gssapi-1.3.1-3.el7_2.x86_64
Comment 7 errata-xmlrpc 2016-11-16 10:32:23 EST 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2016-2798.html
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.