Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 1491227 - Kibana login problem with usernames having backslash
Kibana login problem with usernames having backslash
Product: OpenShift Container Platform
Classification: Red Hat
Component: Logging (Show other bugs)
Unspecified Unspecified
unspecified Severity high
: ---
: 3.6.z
Assigned To: Jeff Cantrill
Anping Li
Depends On:
  Show dependency treegraph
Reported: 2017-09-13 07:20 EDT by Ruben Romero Montes
Modified: 2017-10-25 09:06 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: openshift-elasticsearch-plugin improperly handles usernames with back slash Consequence: Users are unable to access Elasticsearch Fix: Modify request to convert backslash to forward slash Result: Users are able to access Elasticsearch with usernames that contain back slashes.
Story Points: ---
Clone Of:
Last Closed: 2017-10-25 09:06:40 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
screenshot (152.50 KB, image/png)
2017-09-13 07:22 EDT, Ruben Romero Montes
no flags Details
Request failed to _mget (155.29 KB, image/png)
2017-09-14 09:16 EDT, Ruben Romero Montes
no flags Details

External Trackers
Tracker ID Priority Status Summary Last Updated
Github fabric8io/openshift-elasticsearch-plugin/pull/101 None None None 2017-09-14 16:19 EDT
Github openshift/origin-aggregated-logging/pull/675 None None None 2017-09-22 10:29 EDT
Red Hat Product Errata RHBA-2017:3049 normal SHIPPED_LIVE OpenShift Container Platform 3.6, 3.5, and 3.4 bug fix and enhancement update 2017-10-25 11:57:15 EDT

  None (edit)
Description Ruben Romero Montes 2017-09-13 07:20:07 EDT
Description of problem:
Having a valid OpenShift user with a backslash in the username (e.g. test\user) generally coming from an ActiveDirectory is preventing the users from login in with the following error:

{"type":"log","@timestamp":"2017-09-13T10:55:48Z","tags":["status","plugin:elasticsearch@1.0.0","error"],"pid":15,"state":"red","message":"Status changed from green to red - [pattern_syntax_exception] Illegal Unicode escape sequence near index 6\ntest\\user\n      ^","prevState":"green","prevMsg":"Kibana index ready"}

Version-Release number of selected component (if applicable):
  Also reproduced in

How reproducible:

Steps to Reproduce: (no need to synchronize with AD)
1. htpasswd /etc/origin/master/htpasswd test\user -p test
2. Log in to Openshift with this user
3. Create a project with some demo pod running
4. Click "View Archive"

Actual results:
 Kibana GUI error (see snapshot)
 Kibana Logs: 
{"type":"log","@timestamp":"2017-09-13T10:55:48Z","tags":["status","plugin:elasticsearch@1.0.0","error"],"pid":15,"state":"red","message":"Status changed from green to red - [pattern_syntax_exception] Illegal Unicode escape sequence near index 6\ntest\\user\n      ^","prevState":"green","prevMsg":"Kibana index ready"}

Expected results:
 User can view the logs normally in Kibana

Additional info:
Comment 1 Ruben Romero Montes 2017-09-13 07:22 EDT
Created attachment 1325317 [details]
Comment 2 Jeff Cantrill 2017-09-13 09:38:57 EDT
Is this a duplicate of 1456584?
Comment 3 Ruben Romero Montes 2017-09-13 10:35:05 EDT
It doesn't seem to be the same error. This one is:

 Illegal Unicode escape sequence near index 6

The other error was related to spaces in the names and the error message was: 
 com.floragunn.searchguard.tokeneval.MalformedConfigurationException: no bypass or execute filters at all
Comment 5 Jeff Cantrill 2017-09-13 11:19:58 EDT
I think the error message is unrelated to the login issue.
Comment 6 Ruben Romero Montes 2017-09-14 09:16 EDT
Created attachment 1326005 [details]
Request failed to _mget

The response is the following:
            "reason":"Illegal Unicode escape sequence near index 6\ntest\\user\n      ^"
      "reason":"Illegal Unicode escape sequence near index 6\ntest\\user\n      ^"
Comment 7 Ruben Romero Montes 2017-09-14 09:18:04 EDT
After that, when I refresh I am redirected to the status page with the following message for the elasticsearch plugin:

elasticsearch	1.0.0	 [pattern_syntax_exception] Illegal Unicode escape sequence near index 6 test\user ^
Comment 9 Jeff Cantrill 2017-09-14 16:19:08 EDT
The issue is in the SG plugin that is unable to handle user names with a slash.  Created: https://github.com/fabric8io/openshift-elasticsearch-plugin/pull/101 which converts the back slash to forward for ES use
Comment 12 Anping Li 2017-10-12 03:19:50 EDT
Verified and pass on images v3.
Comment 14 errata-xmlrpc 2017-10-25 09:06:40 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.