Description of problem: After configuring an appliance to use external authentication logins fail. A traceback is produced in the production.log How reproducible: Configure an appliance to use external authentication. Attempt to log in as admin. Login fails Additional info: Below is a excerpt from the production.log ... [----] I, [2017-03-03T13:57:27.121355 #12363:10cd2e8] INFO -- : Rendered /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/bundler/gems/manageiq-ui-classic-5a6599dc4067/app/views/layouts/_exception_contents.html.haml (0.8ms) [----] I, [2017-03-03T13:57:27.121855 #12363:10cd2e8] INFO -- : Completed 200 OK in 3ms (Views: 1.7ms | ActiveRecord: 0.0ms) [----] I, [2017-03-03T14:00:08.440185 #12363:10cdb44] INFO -- : Started GET "/" for 127.0.0.1 at 2017-03-03 14:00:08 -0500 [----] I, [2017-03-03T14:00:08.442485 #12363:10cdb44] INFO -- : Processing by DashboardController#login as HTML [----] I, [2017-03-03T14:00:08.450362 #12363:10cdb44] INFO -- : Rendering /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/bundler/gems/manageiq-ui-classic-5a6599dc4067/app/views/dashboard/login.html.haml within layouts/login [----] I, [2017-03-03T14:00:08.451523 #12363:10cdb44] INFO -- : Rendered /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/bundler/gems/manageiq-ui-classic-5a6599dc4067/app/views/layouts/_spinner.html.haml (0.6ms) [----] I, [2017-03-03T14:00:08.452130 #12363:10cdb44] INFO -- : Rendered /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/bundler/gems/manageiq-ui-classic-5a6599dc4067/app/views/layouts/_flash_msg.html.haml (0.1ms) [----] I, [2017-03-03T14:00:08.455635 #12363:10cdb44] INFO -- : Rendered /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/bundler/gems/manageiq-ui-classic-5a6599dc4067/app/views/dashboard/login.html.haml within layouts/login (5.1ms) [----] I, [2017-03-03T14:00:08.455900 #12363:10cdb44] INFO -- : Rendered /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/bundler/gems/manageiq-ui-classic-5a6599dc4067/app/views/layouts/_doctype.html.haml (0.0ms) [----] I, [2017-03-03T14:00:08.456891 #12363:10cdb44] INFO -- : Rendered /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/bundler/gems/manageiq-ui-classic-5a6599dc4067/app/views/layouts/_i18n_js.html.haml (0.0ms) [----] I, [2017-03-03T14:00:08.458404 #12363:10cdb44] INFO -- : Completed 200 OK in 16ms (Views: 7.8ms | ActiveRecord: 0.0ms) [----] I, [2017-03-03T14:00:20.387283 #12363:10cd6bc] INFO -- : Started POST "/dashboard/external_authenticate" for 127.0.0.1 at 2017-03-03 14:00:20 -0500 [----] I, [2017-03-03T14:00:20.389612 #12363:10cd6bc] INFO -- : Processing by DashboardController#external_authenticate as JS [----] I, [2017-03-03T14:00:20.389706 #12363:10cd6bc] INFO -- : Parameters: {"user_name"=>"ldaptest2", "user_password"=>"[FILTERED]", "browser_name"=>"Chrome", "browser_version"=>"56", "browser_os"=>"Mac", "user_TZO"=>"-5"} [----] W, [2017-03-03T14:00:20.390083 #12363:10cd6bc] WARN -- : Can't verify CSRF token authenticity. [----] F, [2017-03-03T14:00:20.390453 #12363:10cd6bc] FATAL -- : Error caught: [ActionController::InvalidAuthenticityToken] ActionController::InvalidAuthenticityToken /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_controller/metal/request_forgery_protection.rb:195:in `handle_unverified_request' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_controller/metal/request_forgery_protection.rb:223:in `handle_unverified_request' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_controller/metal/request_forgery_protection.rb:218:in `verify_authenticity_token' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/activesupport-5.0.1/lib/active_support/callbacks.rb:382:in `block in make_lambda' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/activesupport-5.0.1/lib/active_support/callbacks.rb:150:in `block (2 levels) in halting_and_conditional' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/abstract_controller/callbacks.rb:12:in `block (2 levels) in <module:Callbacks>' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/activesupport-5.0.1/lib/active_support/callbacks.rb:151:in `block in halting_and_conditional' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/activesupport-5.0.1/lib/active_support/callbacks.rb:454:in `block in call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/activesupport-5.0.1/lib/active_support/callbacks.rb:454:in `each' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/activesupport-5.0.1/lib/active_support/callbacks.rb:454:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/activesupport-5.0.1/lib/active_support/callbacks.rb:101:in `__run_callbacks__' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/activesupport-5.0.1/lib/active_support/callbacks.rb:750:in `_run_process_action_callbacks' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/activesupport-5.0.1/lib/active_support/callbacks.rb:90:in `run_callbacks' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/abstract_controller/callbacks.rb:19:in `process_action' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_controller/metal/rescue.rb:20:in `process_action' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_controller/metal/instrumentation.rb:32:in `block in process_action' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/activesupport-5.0.1/lib/active_support/notifications.rb:164:in `block in instrument' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/activesupport-5.0.1/lib/active_support/notifications/instrumenter.rb:21:in `instrument' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/activesupport-5.0.1/lib/active_support/notifications.rb:164:in `instrument' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_controller/metal/instrumentation.rb:30:in `process_action' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_controller/metal/params_wrapper.rb:248:in `process_action' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/activerecord-5.0.1/lib/active_record/railties/controller_runtime.rb:18:in `process_action' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/abstract_controller/base.rb:126:in `process' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionview-5.0.1/lib/action_view/rendering.rb:30:in `process' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_controller/metal.rb:190:in `dispatch' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_controller/metal.rb:262:in `dispatch' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_dispatch/routing/route_set.rb:50:in `dispatch' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_dispatch/routing/route_set.rb:32:in `serve' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_dispatch/journey/router.rb:39:in `block in serve' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_dispatch/journey/router.rb:26:in `each' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_dispatch/journey/router.rb:26:in `serve' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_dispatch/routing/route_set.rb:725:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/secure_headers-3.0.3/lib/secure_headers/middleware.rb:10:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/rack-2.0.1/lib/rack/etag.rb:25:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/rack-2.0.1/lib/rack/conditional_get.rb:38:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/rack-2.0.1/lib/rack/head.rb:12:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/rack-2.0.1/lib/rack/session/abstract/id.rb:222:in `context' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/rack-2.0.1/lib/rack/session/abstract/id.rb:216:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_dispatch/middleware/cookies.rb:613:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_dispatch/middleware/callbacks.rb:38:in `block in call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/activesupport-5.0.1/lib/active_support/callbacks.rb:97:in `__run_callbacks__' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/activesupport-5.0.1/lib/active_support/callbacks.rb:750:in `_run_call_callbacks' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/activesupport-5.0.1/lib/active_support/callbacks.rb:90:in `run_callbacks' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_dispatch/middleware/callbacks.rb:36:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_dispatch/middleware/remote_ip.rb:79:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_dispatch/middleware/debug_exceptions.rb:49:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_dispatch/middleware/show_exceptions.rb:31:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/railties-5.0.1/lib/rails/rack/logger.rb:36:in `call_app' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/railties-5.0.1/lib/rails/rack/logger.rb:26:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_dispatch/middleware/request_id.rb:24:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/rack-2.0.1/lib/rack/method_override.rb:22:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/rack-2.0.1/lib/rack/runtime.rb:22:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/activesupport-5.0.1/lib/active_support/cache/strategy/local_cache_middleware.rb:28:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/actionpack-5.0.1/lib/action_dispatch/middleware/executor.rb:12:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/rack-2.0.1/lib/rack/sendfile.rb:111:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/railties-5.0.1/lib/rails/engine.rb:522:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/puma-3.3.0/lib/puma/configuration.rb:224:in `call' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/puma-3.3.0/lib/puma/server.rb:561:in `handle_request' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/puma-3.3.0/lib/puma/server.rb:406:in `process_client' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/puma-3.3.0/lib/puma/server.rb:271:in `block in run' /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/puma-3.3.0/lib/puma/thread_pool.rb:111:in `block in spawn_thread' [----] I, [2017-03-03T14:00:20.392162 #12363:10cd6bc] INFO -- : Rendered /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/bundler/gems/manageiq-ui-classic-5a6599dc4067/app/views/layouts/_exception_contents.html.haml (0.8ms) [----] I, [2017-03-03T14:00:20.392699 #12363:10cd6bc] INFO -- : Completed 200 OK in 3ms (Views: 1.9ms | ActiveRecord: 0.0ms) ... This issue was introduced with commit: https://github.com/ManageIQ/manageiq-ui-classic/commit/0f99d9a6b6d348985ae674608ee82b3426e48133 When we manually reverted this commit on the appliance we were able to avoid the problem and were able to log in.
This should be a blocking issue as it prevents the use of external authentication.
https://github.com/ManageIQ/manageiq-ui-classic/pull/595
Verified in - 5.8.0.12-rc1