Bug 1451221 - engine-setup should set admin@internal in the registered provider
Summary: engine-setup should set admin@internal in the registered provider
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: ovirt-provider-ovn
Classification: oVirt
Component: provider
Version: 1.0.4
Hardware: Unspecified
OS: Unspecified
high
urgent
Target Milestone: ovirt-4.2.0
: ---
Assignee: Marcin Mirecki
QA Contact: Mor
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-05-16 07:14 UTC by Mor
Modified: 2017-12-20 11:21 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2017-12-20 11:21:45 UTC
oVirt Team: Network
Embargoed:
rule-engine: ovirt-4.2+

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
oVirt gerrit 77192 0 'None' MERGED packaging: change ovn provider default user to admin@internal 2021-01-28 18:59:59 UTC

Description Mor 2017-05-16 07:14:05 UTC 
Description of problem:
engine-setup sets 'admin' as username in the default registered provider, this results in engine SSO error when trying to use AuthorizationByUserName authorization role to authenticate.

Error message:
"Unauthorized: Error during SSO authentication access_denied : Cannot authenticate user 'admin@N/A': No valid profile found in credentials.."

Version-Release number of selected component (if applicable):
oVirt Engine Version: 4.2.0-0.0.master.20170514192031.gitbcb4208.el7.centos

How reproducible:
100%

Steps to Reproduce:
1. Install OVN using engine-setup.
2. Edit the default provider and look for the username input field.

Actual results:
'admin' is populated.

Expected results:
'admin@internal' should be populated.

Additional info:
provider log:
017-05-16 10:00:07,256   Starting new HTTPS connection (1): network-ge-1.scl.lab.tlv.redhat.com
2017-05-16 10:00:07,420   "POST /ovirt-engine/sso/oauth/token HTTP/1.1" 200 121
2017-05-16 10:00:07,423   Error during SSO authentication access_denied : Cannot authenticate user 'admin@N/A': No valid profile found in credentials..
Traceback (most recent call last):
  File "/usr/share/ovirt-provider-ovn/handlers/base_handler.py", line 99, in _handle_request
    response = self.handle_request(method, key, id, content)
  File "/usr/share/ovirt-provider-ovn/handlers/selecting_handler.py", line 52, in handle_request
    self._get_response_handler(method, key), content, id)
  File "/usr/share/ovirt-provider-ovn/handlers/keystone.py", line 30, in call_response_handler
    return json.dumps(response_handler(json.loads(content), id))
  File "/usr/share/ovirt-provider-ovn/handlers/keystone_responses.py", line 40, in post_tokens
    user_password=user_password)
  File "/usr/share/ovirt-provider-ovn/auth/plugin_facade.py", line 26, in create_token
    return auth.core.plugin.create_token(user_at_domain, user_password)
  File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/plugin.py", line 55, in create_token
    timeout=self._timeout())
  File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 60, in create_token
    username, password, engine_url, ca_file, timeout)
  File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 53, in wrapper
    _check_for_error(result)
  File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 160, in _check_for_error
    response['error_code'], response['error']))
Unauthorized: Error during SSO authentication access_denied : Cannot authenticate user 'admin@N/A': No valid profile found in credentials..
Comment 1 Mor 2017-06-06 08:07:54 UTC 
Verified on oVirt version: 4.2.0-0.0.master.20170605153216.gita063574.el7.centos
Comment 2 Sandro Bonazzola 2017-12-20 11:21:45 UTC 
This bugzilla is included in oVirt 4.2.0 release, published on Dec 20th 2017.

Since the problem described in this bug report should be
resolved in oVirt 4.2.0 release, published on Dec 20th 2017, it has been closed with a resolution of CURRENT RELEASE.

If the solution does not work for you, please open a new bug report.
Note You need to log in before you can comment on or make changes to this bug.