Bug 1491227 - Kibana login problem with usernames having backslash
Summary: Kibana login problem with usernames having backslash
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Logging (Show other bugs)
(Show other bugs)
Version: 3.6.0
Hardware: Unspecified Unspecified
unspecified
high
Target Milestone: ---
: 3.6.z
Assignee: Jeff Cantrill
QA Contact: Anping Li
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-09-13 11:20 UTC by Ruben Romero Montes
Modified: 2017-10-25 13:06 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: openshift-elasticsearch-plugin improperly handles usernames with back slash Consequence: Users are unable to access Elasticsearch Fix: Modify request to convert backslash to forward slash Result: Users are able to access Elasticsearch with usernames that contain back slashes.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-10-25 13:06:40 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
screenshot (152.50 KB, image/png)
2017-09-13 11:22 UTC, Ruben Romero Montes
no flags Details
Request failed to _mget (155.29 KB, image/png)
2017-09-14 13:16 UTC, Ruben Romero Montes
no flags Details


External Trackers
Tracker ID Priority Status Summary Last Updated
Github fabric8io openshift-elasticsearch-plugin pull 101 None None None 2017-09-14 20:19 UTC
Github openshift origin-aggregated-logging pull 675 None None None 2017-09-22 14:29 UTC
Red Hat Product Errata RHBA-2017:3049 normal SHIPPED_LIVE OpenShift Container Platform 3.6, 3.5, and 3.4 bug fix and enhancement update 2017-10-25 15:57:15 UTC

Description Ruben Romero Montes 2017-09-13 11:20:07 UTC
Description of problem:
Having a valid OpenShift user with a backslash in the username (e.g. test\user) generally coming from an ActiveDirectory is preventing the users from login in with the following error:

{"type":"log","@timestamp":"2017-09-13T10:55:48Z","tags":["status","plugin:elasticsearch@1.0.0","error"],"pid":15,"state":"red","message":"Status changed from green to red - [pattern_syntax_exception] Illegal Unicode escape sequence near index 6\ntest\\user\n      ^","prevState":"green","prevMsg":"Kibana index ready"}

Version-Release number of selected component (if applicable):
    Dockerfile-openshift3-logging-kibana-v3.6.173.0.21-17
  Also reproduced in
    Dockerfile-openshift3-logging-kibana-3.5.0-33

How reproducible:
Always

Steps to Reproduce: (no need to synchronize with AD)
1. htpasswd /etc/origin/master/htpasswd test\user -p test
2. Log in to Openshift with this user
3. Create a project with some demo pod running
4. Click "View Archive"

Actual results:
 Kibana GUI error (see snapshot)
 Kibana Logs: 
{"type":"log","@timestamp":"2017-09-13T10:55:48Z","tags":["status","plugin:elasticsearch@1.0.0","error"],"pid":15,"state":"red","message":"Status changed from green to red - [pattern_syntax_exception] Illegal Unicode escape sequence near index 6\ntest\\user\n      ^","prevState":"green","prevMsg":"Kibana index ready"}


Expected results:
 User can view the logs normally in Kibana

Additional info:

Comment 1 Ruben Romero Montes 2017-09-13 11:22 UTC
Created attachment 1325317 [details]
screenshot

Comment 2 Jeff Cantrill 2017-09-13 13:38:57 UTC
Is this a duplicate of 1456584?

Comment 3 Ruben Romero Montes 2017-09-13 14:35:05 UTC
It doesn't seem to be the same error. This one is:

 Illegal Unicode escape sequence near index 6
 test\\user
      ^

The other error was related to spaces in the names and the error message was: 
 com.floragunn.searchguard.tokeneval.MalformedConfigurationException: no bypass or execute filters at all

Comment 5 Jeff Cantrill 2017-09-13 15:19:58 UTC
I think the error message is unrelated to the login issue.

Comment 6 Ruben Romero Montes 2017-09-14 13:16 UTC
Created attachment 1326005 [details]
Request failed to _mget

The response is the following:
{  
   "error":{  
      "root_cause":[  
         {  
            "type":"pattern_syntax_exception",
            "reason":"Illegal Unicode escape sequence near index 6\ntest\\user\n      ^"
         }
      ],
      "type":"pattern_syntax_exception",
      "reason":"Illegal Unicode escape sequence near index 6\ntest\\user\n      ^"
   },
   "status":400
}

Comment 7 Ruben Romero Montes 2017-09-14 13:18:04 UTC
After that, when I refresh I am redirected to the status page with the following message for the elasticsearch plugin:

elasticsearch	1.0.0	 [pattern_syntax_exception] Illegal Unicode escape sequence near index 6 test\user ^

Comment 9 Jeff Cantrill 2017-09-14 20:19:08 UTC
The issue is in the SG plugin that is unable to handle user names with a slash.  Created: https://github.com/fabric8io/openshift-elasticsearch-plugin/pull/101 which converts the back slash to forward for ES use

Comment 12 Anping Li 2017-10-12 07:19:50 UTC
Verified and pass on images v3.6.173.0.48.

Comment 14 errata-xmlrpc 2017-10-25 13:06:40 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:3049


Note You need to log in before you can comment on or make changes to this bug.