1441708 – heketi USER KEY verification fails as it's unable to access the Volume APIs

Bug 1441708 - heketi USER KEY verification fails as it's unable to access the Volume APIs

Summary: heketi USER KEY verification fails as it's unable to access the Volume APIs

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat Gluster Storage
Classification:	Red Hat Storage
Component:	heketi
Sub Component:
Version:	cns-3.5
Hardware:	Unspecified
OS:	Unspecified
Priority:	low
Severity:	medium
Target Milestone:	---
Target Release:	---
Assignee:	Michael Adam
QA Contact:	Rahul Hinduja
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	1535543 (view as bug list)
Depends On:
Blocks:	OCS-3.11.1-Engineering-Proposed-BZs OCS-3.11.1-devel-triage-done
TreeView+	depends on / blocked

Reported:	2017-04-12 14:08 UTC by Prasanth
Modified:	2019-08-13 15:13 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:	1430859
Environment:
Last Closed:	2019-08-13 15:13:32 UTC
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	1535543	0	unspecified	CLOSED	heketi normal user can create volumes	2021-02-22 00:41:40 UTC

Internal Links: 1535543

Description Prasanth 2017-04-12 14:08:45 UTC

##################################################################

For USER KEY verification

# heketi-cli --server <RESTurl> --user user --secret MyOwnSecret volume list

Without user and secret authentication will fail. This user can access only volume API so only volume commands.

You can also set the username and key in environmental variable just like RESTurl

//Server
export HEKETI_CLI_SERVER=http://path

//User 
export HEKETI_CLI_USER=user

//secret
export HEKETI_CLI_KEY=MyOwnSecret

# heketi-cli volume list

This will internally use the environmental variables.

##################################################################

> 2) User - can access only volume API's

However, this doesn't work as the User cannot access even the volume API's as mentioned. So the USER KEY verification fails. 

######
# heketi-cli --user user --secret MyOwnSecret volume list
Error: Administrator access required

# heketi-cli --server http://heketi-storage-project.cloudapps.mystorage.com --user user --secret MyOwnSecret volume list
Error: Administrator access required
######

Comment 4 Niels de Vos 2018-05-09 09:35:51 UTC

Confirmed that this is still a problem with heketi-6.0.

There is no high priority use-case depending on this, moving out for reconsideration with cns-3.11.

Comment 7 John Mulligan 2018-10-31 14:52:47 UTC

*** Bug 1535543 has been marked as a duplicate of this bug. ***

Comment 8 Raghavendra Talur 2019-01-23 20:07:55 UTC

We still want to do this. Should be proposed for 3.11.2. This is not a RFE but a small fix which would reduce the confusion users have.

Note You need to log in before you can comment on or make changes to this bug.