1672860 – Whenever a new user clicks on the admin or user portal link to login before being granted system permission, a new entry with their name appears in the user list, one for each click

Bug 1672860 - Whenever a new user clicks on the admin or user portal link to login before being granted system permission, a new entry with their name appears in the user list, one for each click

Summary: Whenever a new user clicks on the admin or user portal link to login before b...

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	ovirt-engine
Classification:	oVirt
Component:	General
Sub Component:
Version:	4.3.0
Hardware:	x86_64
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	ovirt-4.3.2
Target Release:	4.3.2.1
Assignee:	Ravi Nori
QA Contact:	Petr Matyáš
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2019-02-06 04:10 UTC by aerianis
Modified:	2019-03-26 07:20 UTC (History)
CC List:	5 users (show)
Fixed In Version:	ovirt-engine-4.3.2.1
Clone Of:
Environment:
Last Closed:	2019-03-26 07:20:49 UTC
oVirt Team:	Infra
Embargoed:
Dependent Products:
Flags:	pm-rhel: ovirt-4.3+ lleistne: testing_ack+

Attachments	(Terms of Use)
User name appearing multiple times in the user list (126.11 KB, image/png) 2019-02-06 04:10 UTC, aerianis	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
oVirt gerrit	98169	0	master	MERGED	aaa: Duplicate users in users list	2020-10-16 17:37:39 UTC

Description aerianis 2019-02-06 04:10:56 UTC

Created attachment 1527396 [details]
User name appearing multiple times in the user list

Description of problem:

A new user name appears multiple times in the users' list (under Administration). The number of entries is directly related to the number of times that user tries to login. This happens with both internal and LDAP users.

Version-Release number of selected component (if applicable):
4.3


How reproducible:

Always


Steps to Reproduce:

1. create a local user using ovirt-aaa-jdbc-tool (and Do not grant the user login access from the web admin portal), eg: 
#ovirt-aaa-jdbc-tool user add guest1 --attribute=firstName=guest
#ovirt-aaa-jdbc-tool user password-reset guest1

2. open the web portal and try to login as the new user (guest1). This message should appear: "Unable to log in because the password has expired. Change the password to proceed." 
3. Change the password.
4. Try to login with the new password you have created for guest1. You will see the message: "The user guest1@internal is not authorized to perform login"
5. Click on "Administration Portal" or "VM Portal" at least 3 times
6. Log in as the admin user and go to Administration->Users

Actual results:

The new user name (guest1) appears multiple times in the list, once for each time the user had clicked on either "Administration Portal" or "VM Portal", plus one for the original login attempt.


Expected results:

The new user name should appear only once in the user list.


Additional info:

This was also observed with LDAP users.
Also, if the user is deleted using ovirt-aaa-jdbc-tool, the web session still adds the user to the to the user list for each login attempt.

Comment 1 RHEL Program Management 2019-03-01 19:47:18 UTC

Target release should be placed once a package build is known to fix a issue. Since this bug is not modified, the target version has been reset. Please use target milestone to plan a fix for a oVirt release.

Comment 2 Petr Matyáš 2019-03-21 09:15:48 UTC

Verified on ovirt-engine-4.3.2.1-0.1.el7.noarch

Comment 3 Sandro Bonazzola 2019-03-26 07:20:49 UTC

This bugzilla is included in oVirt 4.3.2 release, published on March 19th 2019.

Since the problem described in this bug report should be
resolved in oVirt 4.3.2 release, it has been closed with a resolution of CURRENT RELEASE.

If the solution does not work for you, please open a new bug report.

Note You need to log in before you can comment on or make changes to this bug.