Red Hat Bugzilla – Bug 607799
The "JBoss CSP Patch Feed" is not authenticating to the default Feed URL
Last modified: 2010-08-12 12:49:55 EDT
Description of problem: The "JBoss CSP Patch Feed" is not authenticating to the default Feed URL Version-Release number of selected component (if applicable): JBoss Operations Network version: 2.4.0.GA_QA build number: 10745:647a602 How reproducible: Steps to Reproduce: 1. Administration > Content > Content Sources > JBoss CSP Patch Feed 2. edit the Username and Password to a valid account 3. edit Active to Yes 4. click TEST CONNECTION Actual results: Test failed - failed to connect to the remote repository for [JBoss CSP Patch Feed] - check the configuration and make sure the remote repository is up and reachable. Details: java.lang.reflect.InvocationTargetException:null -> org.rhq.enterprise.server.plugin.pc.content.SyncException:Invalid login credentials specified for user [jonqa]. Make sure this user has an active account at the CSP and that the password is correct. Expected results: Additional info: Looks like the there is an issue with the default Feed URL... https://support.redhat.com/jbossnetwork/restricted/feed/software.html?product=all&downloadType=all&flavor=rss&version=&jonVersion=2.0 If if do a wget on this URL, there is a 301 error redirecting the request to a new URL: [jsefler@jsefler tmp]$ wget "https://support.redhat.com/jbossnetwork/restricted/feed/software.html?product=all&downloadType=all&flavor=rss&version=&jonVersion=2.0" --2010-06-24 17:05:49-- https://support.redhat.com/jbossnetwork/restricted/feed/software.html?product=all&downloadType=all&flavor=rss&version=&jonVersion=2.0 Resolving support.redhat.com... 10.4.127.17 Connecting to support.redhat.com|10.4.127.17|:443... connected. HTTP request sent, awaiting response... 301 Moved Permanently Location: https://access.redhat.com/jbossnetwork/restricted/feed/software.html?product=all&downloadType=all&flavor=rss&version=&jonVersion=2.0 [following] --2010-06-24 17:05:49-- https://access.redhat.com/jbossnetwork/restricted/feed/software.html?product=all&downloadType=all&flavor=rss&version=&jonVersion=2.0 Resolving access.redhat.com... 10.4.127.16 Connecting to access.redhat.com|10.4.127.16|:443... connected. HTTP request sent, awaiting response... 401 Unauthorized Authorization failed. If I explicitly change the Feed URL to the redirected location (on access.redhat.com), then TEST CONNECTION is successful. So there are two issues: 1. The current default Feed URL should be updated to the new url. 2. All the JONs out in the field are broken. New releases of JON should be able to handle the "301 Moved Permanently" when this happens again.
Simeon Can you confirm this problem and investigate what it would take to support the 301 redirect request we get back from the CSP Thanks
Yes. This is a problem and I've confirmed the described behavior. I'm looking into what the fix should be. Browsers handle the redirect seamlessly, we need to do the same in the code.
This is some odd behavior with the HttpClient. The HttpClient knows how to redirect properly and loads the redirect url as one would expect but does not update the Method instance properly and throws Http 401 unauthorized responses(even with correct credentials applied) if we proceed with the redirected instance. The fix is to store the original and actually loaded urls and reinitialize the instance when they differ. I log a warning to server for the admin to update the original url if the redirection is permanent. I looked into sending a message to the UI, but this would require additional changes that might introduce unnecessary instability. Available in successful builds of release branch release-3.0.0 >= 108. commit hash: 5055dca9b0d0bfde336be48704d50628663bd804 ## It's likely that this needs to be made available for patches to 2.3 and 2.3.1(not sure if further back, this class starts after 2.3) or at least a notification should be made that customers need to change the content source url, should be made. ##
Verified on JON 2.4 GA_QA (tag-jon-release build# 49) Revision: 10771 Steps: 1) Administration > Content > Content Sources > JBoss CSP Patch Feed 2) edit the Username and Password to a valid account 3) edit Active to Yes 4) click TEST CONNECTION 5) click SYNCHRONIZE Observation: 'TEST CONNECTION' successful with the message: 'Test passed - the remote repository for [JBoss CSP Patch Feed] is available. ' 'SYNCHRONIZE' gives message: 'Synchronizing content source [JBoss CSP Patch Feed] now. ' and list of available packages.
Created attachment 429190 [details] HTTP client log.
Mass-closure of verified bugs against JON.