Hide Forgot
Description of problem: [root@katello-ci katello]# katello -u admin -p admin system register --org=ACME_Corporation --environment=Development --name=katello-ci error: operation failed: RestClient::Forbidden: 403 Forbidden Version-Release number of selected component (if applicable): katello-0.1.57-1.git.12.5461708.fc14.noarch How reproducible: Steps to Reproduce: 1. Run above cli command 2. 3. Actual results: 403 Expected results: System registered Additional info: from cp logs: Aug 04 14:44:14 [http-8443-2] DEBUG org.fedoraproject.candlepin.resteasy.interceptor.OAuth - Checking for oauth authentication Aug 04 14:44:14 [http-8443-2] DEBUG org.fedoraproject.candlepin.resteasy.interceptor.RestEasyOAuthMessage - oauth_body_hash:2jmj7l5rSw0yVb/vlWAYkK/YBwk= Aug 04 14:44:14 [http-8443-2] DEBUG org.fedoraproject.candlepin.resteasy.interceptor.RestEasyOAuthMessage - oauth_consumer_key:katello Aug 04 14:44:14 [http-8443-2] DEBUG org.fedoraproject.candlepin.resteasy.interceptor.RestEasyOAuthMessage - oauth_nonce:QMDo52AlasnQKNwqANFrCMNcIiu87lTLfl6SiOzeQk Aug 04 14:44:14 [http-8443-2] DEBUG org.fedoraproject.candlepin.resteasy.interceptor.RestEasyOAuthMessage - oauth_signature:Z8r0ZnJPBf71f+4YljTuWOR3j3Q= Aug 04 14:44:14 [http-8443-2] DEBUG org.fedoraproject.candlepin.resteasy.interceptor.RestEasyOAuthMessage - oauth_signature_method:HMAC-SHA1 Aug 04 14:44:14 [http-8443-2] DEBUG org.fedoraproject.candlepin.resteasy.interceptor.RestEasyOAuthMessage - oauth_timestamp:1312483454 Aug 04 14:44:14 [http-8443-2] DEBUG org.fedoraproject.candlepin.resteasy.interceptor.RestEasyOAuthMessage - oauth_version:1.0 Aug 04 14:44:14 [http-8443-2] DEBUG org.fedoraproject.candlepin.auth.interceptor.SecurityInterceptor - Invoked security interceptor public org.fedoraproject.candlepin.model.Consumer org.fedoraproject.candlepin.resource.ConsumerResource.create(org.fedoraproject.candlepin.model.Consumer,org.fedoraproject.candlepin.auth.Principal,java.lang.String,java.lang.String,java.lang.String) throws org.fedoraproject.candlepin.exceptions.BadRequestException Aug 04 14:44:14 [http-8443-2] WARN org.fedoraproject.candlepin.auth.interceptor.SecurityInterceptor - Allowing invocation to proceed with no authentication required. Aug 04 14:44:14 [http-8443-2] ERROR org.fedoraproject.candlepin.exceptions.CandlepinExceptionMapper - Runtime exception: org.jboss.resteasy.spi.ApplicationException: org.fedoraproject.candlepin.exceptions.ForbiddenException: Insufficient permissions at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:154) at org.jboss.resteasy.core.ResourceMethod.invokeOnTarget(ResourceMethod.java:248) at org.jboss.resteasy.core.ResourceMethod.invoke(ResourceMethod.java:216) at org.jboss.resteasy.core.ResourceMethod.invoke(ResourceMethod.java:205) at org.jboss.resteasy.core.SynchronousDispatcher.getResponse(SynchronousDispatcher.java:489) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:466) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:120) at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:200) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:48) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:43) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:216) at com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:141) at com.google.inject.servlet.ManagedServletPipeline.service(ManagedServletPipeline.java:93) at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:63) at org.fedoraproject.candlepin.servlet.filter.VersionFilter.doFilter(VersionFilter.java:47) at com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:129) at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:59) at org.fedoraproject.candlepin.servlet.filter.logging.LoggingFilter.doFilter(LoggingFilter.java:55) at com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:129) at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:59) at com.wideplay.warp.persist.PersistenceFilter$3.run(PersistenceFilter.java:141) at com.wideplay.warp.persist.internal.Lifecycles.failEarlyAndLeaveNoOneBehind(Lifecycles.java:29) at com.wideplay.warp.persist.PersistenceFilter.doFilter(PersistenceFilter.java:155) at com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:129) at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:59) at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:122) at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:110) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:857) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) at java.lang.Thread.run(Thread.java:636) Caused by: org.fedoraproject.candlepin.exceptions.ForbiddenException: Insufficient permissions at org.fedoraproject.candlepin.resource.ConsumerResource.create(ConsumerResource.java:249) at org.fedoraproject.candlepin.resource.ConsumerResource$$EnhancerByGuice$$367808c9.CGLIB$create$1(<generated>) at org.fedoraproject.candlepin.resource.ConsumerResource$$EnhancerByGuice$$367808c9$$FastClassByGuice$$37d37b9e.invoke(<generated>) at com.google.inject.internal.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228) at com.google.inject.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:64) at org.fedoraproject.candlepin.auth.interceptor.SecurityInterceptor.invoke(SecurityInterceptor.java:99) at com.google.inject.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:64) at com.google.inject.InterceptorStackCallback.intercept(InterceptorStackCallback.java:44) at org.fedoraproject.candlepin.resource.ConsumerResource$$EnhancerByGuice$$367808c9.create(<generated>) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
There was no official fix for this, but I believe it was fixed indirectly. [root@katello-ci init.d]# katello -u admin -p admin system register --org=ACME_Corporation --environment=Development --name=katello-ci Successfully registered system [ katello-ci ] [root@katello-ci init.d]# rpm -q katello katello-0.1.61-1.git.30.a7174a6.fc14.noarch
getting rid of 6.0.0 version since that doesn't exist