Bug 1507856 – OpenDaylight Jolokia services uses the default user and password instead of the supplied values

Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.

Bug 1507856 - OpenDaylight Jolokia services uses the default user and password instead of the supplied values

Summary:	OpenDaylight Jolokia services uses the default user and password instead of t...

Status:	CLOSED ERRATA

Aliases:	None

Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	opendaylight (Show other bugs)
Sub Component:
Version:	12.0 (Pike)
Hardware:	Unspecified Unspecified

Priority	medium Severity high
Target Milestone:	beta
Target Release:	13.0 (Queens)
Assigned To:	Michael Vorburger
QA Contact:	Tomas Jamrisko
Docs Contact:

URL:
Whiteboard:
Keywords:	Triaged

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2017-10-31 06:24 EDT by Itzik Brown
Modified:	2018-10-18 03:24 EDT (History)
CC List:	9 users (show)

See Also:
Fixed In Version:	opendaylight-8.0.0-1.el7ost
Doc Type:	If docs needed, set a value
Doc Text:
Story Points:	---
Clone Of:
Environment:	N/A
Last Closed:	2018-06-27 09:38:59 EDT
Type:	Bug
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Launchpad	1728885	None	None	None	2017-10-31 06:26 EDT
OpenDaylight Bug	AAA-147	None	None	None	2017-11-07 11:09 EST
Github	rhuss/jolokia/pull/358	None	None	None	2018-02-05 15:03 EST
OpenDaylight gerrit	68069	None	None	None	2018-02-09 03:24 EST
OpenDaylight gerrit	68070	None	None	None	2018-02-09 03:25 EST
OpenDaylight gerrit	68072	None	None	None	2018-02-09 03:25 EST
Red Hat Product Errata	RHEA-2018:2086	None	None	None	2018-06-27 09:39 EDT

Groups: None (edit)

Description Itzik Brown 2017-10-31 06:24:12 EDT

Description of problem:

When querying the jolokia service in OpenDaylight it's possible only when using a user and a password admin:admin even when setting using other values for OpenDaylightUsername and OpenDaylightPassword in the environment files.

The query is:
curl -H "Content-Type:application/json" -u someuser:somepassword http://192.168.80.80:8081/jolokia/read/org.opendaylight.controller:Category=Shards,name=member-1-shard-inventory-config,type=DistributedConfigDatastor

Version-Release number of selected component (if applicable):
openstack-tripleo-heat-templates-7.0.3-0.20171023134948.el7ost.noarch

How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 Red Hat Bugzilla Rules Engine 2017-10-31 07:11:24 EDT

This bugzilla has been removed from the release since it has not been triaged, and needs to be reviewed for targeting another release.

Comment 2 Michael Vorburger 2017-11-01 08:28:30 EDT

If https://lists.opendaylight.org/pipermail/dev/2017-February/003343.html which Janki found is still accurate (which without proof to the contrarym I would assume it is), then it would seem that this "bug" is simply because in upstream ODL the Jolokia uid/pwd is currently hard-coded to admin/admin - see https://github.com/opendaylight/controller/blob/master/opendaylight/commons/jolokia/src/main/resources/org.jolokia.osgi.cfg

I'll see if we can engage Ryan upstream to do the neccessary work.  PMs, please NB that from an upstream perspective this is sort of more of an Enhancement, which will go into master, instead of a kind of "quick bug fix"...

Comment 3 Janki 2017-11-01 09:03:20 EDT

TripleO, via puppet-odl, configures username/password through idmtool which is incorporated in AAA project of ODL controller. Jolokia does not authenticate via AAA but has the values hard-coded (details in comment by Michael). So this is not a TripleO.

Comment 4 Itzik Brown 2017-11-01 09:16:08 EDT

(In reply to Janki from comment #3)
> TripleO, via puppet-odl, configures username/password through idmtool which
> is incorporated in AAA project of ODL controller. Jolokia does not
> authenticate via AAA but has the values hard-coded (details in comment by
> Michael). So this is not a TripleO.

So should we change the component to OpenDaylight?

Comment 5 Janki 2017-11-01 09:55:39 EDT

(In reply to Itzik Brown from comment #4)
> (In reply to Janki from comment #3)
> > TripleO, via puppet-odl, configures username/password through idmtool which
> > is incorporated in AAA project of ODL controller. Jolokia does not
> > authenticate via AAA but has the values hard-coded (details in comment by
> > Michael). So this is not a TripleO.
> 
> So should we change the component to OpenDaylight?

Already changed.

Comment 15 errata-xmlrpc 2018-06-27 09:38:59 EDT

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2018:2086

Note You need to log in before you can comment on or make changes to this bug.