736482 – Katello returning inaccurate message via subscription-manager when user has incorrect credentials

Bug 736482 - Katello returning inaccurate message via subscription-manager when user has incorrect credentials

Summary: Katello returning inaccurate message via subscription-manager when user has i...

Keywords:
Status:	CLOSED UPSTREAM
Alias:	None
Product:	Katello
Classification:	Retired
Component:	Webservice API
Sub Component:
Version:	1.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	---
Assignee:	Ivan Necas
QA Contact:	Katello QA List
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2011-09-07 19:41 UTC by Corey Welton
Modified:	2011-09-26 15:16 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2011-09-26 15:16:51 UTC
Embargoed:

Attachments	(Terms of Use)

Description Corey Welton 2011-09-07 19:41:16 UTC

Description of problem:
When a user tries to use subscription-manager against katello with incorrect credentials, rather than being informed of such, s/he is told that the server does not support environments.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. install subscription-manager and assure prefix and port are correct, pointing to katello.
2. Assure you have an environment within ACME_Corporation called "Dev"
3. Attempt to register using incorrect u/p pair: 'subscription-manager register --username=dddadmin --password=admin --org=ACME_Corporation --environment=Dev --force'
4. Attempt to register using incorrect u/p pair: 'subscription-manager register --username=admin --password=admin --org=ACME_Corporation --environment=Dev --force'

  
Actual results:
For step 3: ERROR: Server does not support environments.
For step 4: Successful registration, as expected

Expected results:
For step 3: User should be told they have incorrect credentials, not that environments are not supported.

Additional info:

Compare results - first, attempting to register, using the --environment flag, against candlepin, which does not support the flag

[root@katello-test-rhel6-1 ~]# subscription-manager register --username=dddadmin --password=admin --org=ACME_Corporation --environment=Dev --force
ERROR: Server does not support environments.
[root@katello-test-rhel6-1 ~]# subscription-manager register --username=admin --password=admin --org=ACME_Corporation --environment=Dev --force
ERROR: Server does not support environments.

Second, attempting to register directly against candlepin, w/o --environment flag:
[root@katello-test-rhel6-1 ~]# subscription-manager register --username=dddadmin --password=admin --org=ACME_Corporation  --force
Invalid Credentials
[root@katello-test-rhel6-1 ~]# subscription-manager register --username=admin --password=admin --org=ACME_Corporation  --force
The system has been registered with id: 9febe477-226d-4730-b8dd-06b9aa6a27e5 


So here, we see that (a) candlepin always rejects any registration attempts with --environment flag and (b) correctly indicates that a user has invalid credentials.  Thus, it is only when registering directly through katello with invalid credentials that user is given the erroneous message.

Comment 1 Corey Welton 2011-09-07 19:43:35 UTC

Step 4 above should read:

4. Attempt to register using correct u/p pair: 'subscription-manager register
--username=admin --password=admin --org=ACME_Corporation --environment=Dev
--force'

Comment 2 Ivan Necas 2011-09-14 14:41:22 UTC

Filed a bug for subscription manager [1] since it seems there is problem on it's side: it checks available resources through katello api (to find out environments support), but does not check whether this request was authorized.

[1] - https://bugzilla.redhat.com/show_bug.cgi?id=738322

Note You need to log in before you can comment on or make changes to this bug.