Bug 1463614 - Install RHQ user operation not working when elytron is used for user authentication
Install RHQ user operation not working when elytron is used for user authenti...
Status: NEW
Product: JBoss Operations Network
Classification: JBoss
Component: Plugin -- JBoss EAP 7 (Show other bugs)
JON 3.3.8
Unspecified Unspecified
medium Severity medium
: ---
: One-off release
Assigned To: Simeon Pinder
Mike Foley
: Triaged
Depends On:
Blocks: 1387292
  Show dependency treegraph
 
Reported: 2017-06-21 06:27 EDT by Filip Brychta
Modified: 2017-06-22 09:45 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Filip Brychta 2017-06-21 06:27:40 EDT
Description of problem:
The Install RHQ user operation fails with:
"Management users properties file [] is not writable"
when elytron is used for user authentication.

Version-Release number of selected component (if applicable):
JON3.3.8 + EAP plugin pack update05.CR01
EAP 7.1.ER01

How reproducible:
Always

Steps to Reproduce:
1. unzip and start EAP 7.1.ER01
2. enable elytron components:
     a)  Set http-authentication-factory to use management-http-authentication

    /core-service=management/management-interface=http-interface:write-attribute( \
      name=http-authentication-factory, \
      value=management-http-authentication \
    )

    b) Set sasl-authentication-factory to use management-sasl-authentication

    /core-service=management/management-interface=http-interface:write-attribute( \
      name=http-upgrade.sasl-authentication-factory, \
      value=management-sasl-authentication \
    )

    c)Undefine security-realm

    /core-service=management/management-interface=http-interface:undefine-attribute(name=security-realm)

    d)Reload JBoss EAP for the changes to take affect. 

reload
3. import EAP to JON inventory
4. run Install RHQ user operation

Actual results:
Operation fails with "Management users properties file [] is not writable"
and EAP resource is down.

Expected results:


Additional info:
Documentation: https://doc-stage.usersys.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.1.beta/html-single/how_to_configure_server_security/#mgmt_user_authentication_with_eltyron

When the rhqadmin user is added to mgmt-users.properties manually the EAP resource is UP and everything seems to be working.

Note You need to log in before you can comment on or make changes to this bug.