Bug 858997 - [CFCE GUI] Unexpected code is displayed in the message "The Username or Password is incorrect, please try again." of CFCE Web UI page.
[CFCE GUI] Unexpected code is displayed in the message "The Username or Passw...
Status: CLOSED ERRATA
Product: CloudForms Cloud Engine
Classification: Red Hat
Component: aeolus-conductor (Show other bugs)
1.1.0
x86_64 Linux
high Severity high
: beta2
: ---
Assigned To: Matt Wagner
Rehana
: Triaged
: 859937 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-09-20 06:37 EDT by Lijun Li
Modified: 2014-08-17 18:27 EDT (History)
9 users (show)

See Also:
Fixed In Version: aeolus-conductor-0.13.13-1.el6cf.src
Doc Type: Bug Fix
Doc Text:
If the user session expired with a subsequent attempt to use the system, an error message displayed: "$("#notifications").html("\n The Username or Password is incorrect, please try again.<\/p>\n<\/div>\n");" This was caused by incorrect handling of 401 errors on the login page. This update redirects users to the login screen after an expired session.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-12-04 10:20:43 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Unexpected code (29.72 KB, image/png)
2012-09-20 06:52 EDT, Lijun Li
no flags Details

  None (edit)
Description Lijun Li 2012-09-20 06:37:09 EDT
Description of problem:
Unexpected code is displayed in the message "The Username or Password is incorrect, please try again." of CFCE Web UI page. 

Version-Release number of selected component (if applicable):
aeolus-all-0.13.8-1.el6cf.noarch
aeolus-conductor-0.13.8-1.el6cf.noarch

How reproducible:
100%

Steps to Reproduce:
1. Install latest CloudForms Cloud Engine build.
2. Access CloudForms Cloud Engine using a web browser at the address https://[CloudEngineHost]/conductor
3. Disconnected from the network or wait a long time for losing the login session.
4. Click any area in the CloudForms Cloud Engine web page.
  
Actual results:
Unexpected code is displayed in the message "The Username or Password is incorrect, please try again." of CFCE Web UI page. 

Expected results:
The code should be removed from the message.

Additional info:
Comment 1 Lijun Li 2012-09-20 06:51:59 EDT
Unexpected code: 
$("#notifications").html("
\n

The Username or Password is incorrect, please try again.<\/p>\n<\/div>\n"); 

Also please refer to the screenshot.
Comment 2 Lijun Li 2012-09-20 06:52:51 EDT
Created attachment 614840 [details]
Unexpected code
Comment 4 Matt Wagner 2012-09-20 11:56:57 EDT
Okay, I have reproduced this. It occurs specifically when you attempt to load AJAX content after your session has expired.

A more fine-grained reproducer:
- Log into Conductor.
- On the Pools page, switch to filter (table) view
- Do not touch anything in Conductor for > 15 minutes
- Click the "Deployments" or "Instances" tab

Will debug and send a patch.
Comment 6 Matt Wagner 2012-09-21 12:08:52 EDT
Just picked onto 1.1:

commit ea76b9a19c73f260d27581f55d001de6d48f222f
Author: Matt Wagner <matt.wagner@redhat.com>
Date:   Fri Sep 21 11:43:09 2012 -0400

    BZ 858997 - Wraps login page JS with document.ready
    
    The code to handle 401s on the login page should only be called
    when the document is ready.
    (cherry picked from commit 123913485846b99309537533808c8d05ff5f1879)

commit c524a0574d08eb56d4118f0d3004bfa4fb90821c
Author: Matt Wagner <matt.wagner@redhat.com>
Date:   Fri Sep 21 10:47:27 2012 -0400

    BZ 858997 - Fix handling of unauthenticated XHR requests
    
    Both the login page and the rest of the app now support handling
    an HTTP 401 response when the request is unauthenticated.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=858997
    (cherry picked from commit 04922893dfd67666819fbd843be34eb4a275ecd0)
Comment 8 Mike Orazi 2012-09-25 09:47:53 EDT
*** Bug 859937 has been marked as a duplicate of this bug. ***
Comment 9 Ronelle Landy 2012-09-28 11:19:40 EDT
Tested rpms:

>> rpm -qa |grep aeolus
aeolus-configure-2.8.7-1.el6cf.noarch
rubygem-aeolus-image-0.3.0-12.el6.noarch
rubygem-aeolus-cli-0.7.2-1.el6cf.noarch
aeolus-conductor-0.13.14-1.el6cf.noarch
aeolus-conductor-daemons-0.13.14-1.el6cf.noarch
aeolus-conductor-doc-0.13.14-1.el6cf.noarch
aeolus-all-0.13.14-1.el6cf.noarch

I could nor reproduce the 'unexpected code'. When disconnecting from the network or when accessing the pools page and then clicking on the 'Instances' link (in that case, when the session timed out, I was just redirected to the login page).

Marking this BZ as 'verified'
Comment 11 errata-xmlrpc 2012-12-04 10:20:43 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHEA-2012-1516.html

Note You need to log in before you can comment on or make changes to this bug.