Bug 966256 - Unable to log in webui and cli after katello-configure in free_ipa mode
Unable to log in webui and cli after katello-configure in free_ipa mode
Status: CLOSED CURRENTRELEASE
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Content Management (Show other bugs)
6.0.1
Unspecified Unspecified
unspecified Severity high (vote)
: Unspecified
: --
Assigned To: Marek Hulan
Hayk Hovsepyan
: Triaged
: 963329 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-05-22 17:18 EDT by sthirugn@redhat.com
Modified: 2013-07-18 17:23 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-07-18 17:23:45 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
webui login error (16.58 KB, image/png)
2013-05-22 17:18 EDT, sthirugn@redhat.com
no flags Details
production.log for cli log in failure (9.96 KB, text/plain)
2013-05-22 17:19 EDT, sthirugn@redhat.com
no flags Details

  None (edit)
Description sthirugn@redhat.com 2013-05-22 17:18:13 EDT
Created attachment 751907 [details]
webui login error

Description of problem:
Unable to log in webui and cli after katello-configure in free_ipa mode

Version-Release number of selected component (if applicable):
* candlepin-0.8.7-1.el6_4.noarch
* candlepin-scl-1-5.el6_4.noarch
* candlepin-scl-quartz-2.1.5-5.el6_4.noarch
* candlepin-scl-rhino-1.7R3-1.el6_4.noarch
* candlepin-scl-runtime-1-5.el6_4.noarch
* candlepin-selinux-0.8.7-1.el6_4.noarch
* candlepin-tomcat6-0.8.7-1.el6_4.noarch
* elasticsearch-0.19.9-8.el6sat.noarch
* foreman-1.1.10002-29.noarch
* foreman-postgresql-1.1.10002-29.noarch
* katello-1.4.2-6.el6sat.noarch
* katello-all-1.4.2-6.el6sat.noarch
* katello-certs-tools-1.4.2-2.el6sat.noarch
* katello-cli-1.4.2-5.el6sat.noarch
* katello-cli-common-1.4.2-5.el6sat.noarch
* katello-common-1.4.2-6.el6sat.noarch
* katello-configure-1.4.3-9.el6sat.noarch
* katello-configure-foreman-1.4.3-9.el6sat.noarch
* katello-foreman-all-1.4.2-6.el6sat.noarch
* katello-glue-candlepin-1.4.2-6.el6sat.noarch
* katello-glue-elasticsearch-1.4.2-6.el6sat.noarch
* katello-glue-pulp-1.4.2-6.el6sat.noarch
* katello-selinux-1.4.3-3.el6sat.noarch
* pulp-rpm-plugins-2.1.1-1.el6sat.noarch
* pulp-selinux-2.1.1-1.el6sat.noarch
* pulp-server-2.1.1-1.el6sat.noarch

How reproducible:
Always

Steps to Reproduce:
1. Install Satellite 6
2. Run katello-configure command in free_ipa mode mode
katello-configure --user-name=$user --user-email=$email --ldap-server=$server --auth-method=ldap --ldap-port=389 --ldap-server-type='free_ipa' --ldap-users-basedn=$usersbasedn --ldap-group-basedn=$groupsbasedn --ldap-roles=true --ldap-anon-queries=false --ldap-service-user=$user --ldap-service-pass=$pass --ldap-encryption=start_tls
3. Attempt to login to webui and cli


Actual results:
Not able to login to webui and cli.
1. Webui error (also see attached screenshot)
/var/log/signo/production.log:
[FATAL 2013-05-22 15:39:28 app  #19792]
 | TypeError (can't convert Symbol into Integer):
 |   app/models/backends/ldap.rb:21:in `do_auth'
 |   app/models/backends/ldap.rb:8:in `authenticate'
 |   app/models/backends/base.rb:14:in `block in authenticate'
 |   app/models/backends/base.rb:4:in `each'
 |   app/models/backends/base.rb:4:in `any?'
 |   app/models/backends/base.rb:4:in `authenticate'
 |   app/models/user.rb:15:in `authenticate'
 |   app/controllers/login_controller.rb:23:in `login'

2. cli error:
# katello -u $user -p $pass org list
undefined method `empty?' for false:FalseClass
(also see /var/log/katello/production.log attached)

Expected results:
Successful log in using webui and cli

Additional info:
Comment 1 sthirugn@redhat.com 2013-05-22 17:19:44 EDT
Created attachment 751908 [details]
production.log for cli log in failure
Comment 3 sthirugn@redhat.com 2013-05-24 16:05:35 EDT
The same error is observed in testing ldap in posix server mode

katello-configure command:
# katello-configure --user-name=*** --ldap-server=*** --auth-method=ldap --ldap-port=389 --ldap-server-type='posix' --ldap-users-basedn=*** --ldap-group-basedn=*** --ldap-encryption=start_tls --ldap-anon-queries=true

For now I am tracking this issue in this same bug.  If needed, I can create a separate Bugzilla issue in future.
Comment 4 Marek Hulan 2013-05-28 10:07:55 EDT
The problem is (for the 1. part at least), that during katello-configure a string was used instead of symbol. As a workaround you may specify :start_tls instead of start_tls however I'll modify ldap_fluff to accept string as valid option as well.
Comment 5 Bryan Kearney 2013-05-30 07:43:53 EDT
*** Bug 963329 has been marked as a duplicate of this bug. ***
Comment 6 Marek Hulan 2013-05-30 10:14:18 EDT
1. part is fixed in ldap_fluff 0.2.0, commit https://github.com/Katello/ldap_fluff/commit/dbd99bb81cae5ab4946ea7b698c629d79af08c3d

2. part is related to ldap_fluff, we need recent version of net-ldap gem, I built it in koji. For a new ldap_fluff some changes in katello and katello-installer are required, they are in https://github.com/Katello/katello/pull/2396 and https://github.com/Katello/katello-installer/pull/27

When these PR are merged I'll build and release ldap_fluff in koji and will put related revisions from katello third party here.
Comment 9 Brad Buckingham 2013-06-06 17:58:49 EDT
Mass move to ON_QA
Comment 10 Hayk Hovsepyan 2013-06-07 05:26:17 EDT
Verified in revision:
candlepin-0.8.9-1.el6_4.noarch
candlepin-cert-consumer-cfseserver2.usersys.redhat.com-1.0-1.noarch
candlepin-scl-1-5.el6_4.noarch
candlepin-scl-quartz-2.1.5-5.el6_4.noarch
candlepin-scl-rhino-1.7R3-1.el6_4.noarch
candlepin-scl-runtime-1-5.el6_4.noarch
candlepin-selinux-0.8.9-1.el6_4.noarch
candlepin-tomcat6-0.8.9-1.el6_4.noarch
elasticsearch-0.19.9-8.el6sat.noarch
katello-1.4.2-10.el6sat.noarch
katello-agent-1.4.2-4.el6sat.noarch
katello-all-1.4.2-10.el6sat.noarch
katello-candlepin-cert-key-pair-1.0-1.noarch
katello-certs-tools-1.4.2-2.el6sat.noarch
katello-cli-1.4.2-7.el6sat.noarch
katello-cli-common-1.4.2-7.el6sat.noarch
katello-common-1.4.2-10.el6sat.noarch
katello-configure-1.4.3-14.el6sat.noarch
katello-configure-foreman-1.4.3-14.el6sat.noarch
katello-foreman-all-1.4.2-10.el6sat.noarch
katello-glue-candlepin-1.4.2-10.el6sat.noarch
katello-glue-elasticsearch-1.4.2-10.el6sat.noarch
katello-glue-pulp-1.4.2-10.el6sat.noarch
katello-qpid-broker-key-pair-1.0-1.noarch
katello-qpid-client-key-pair-1.0-1.noarch
katello-selinux-1.4.3-3.el6sat.noarch
m2crypto-0.21.1.pulp-8.el6sat.x86_64
mod_wsgi-3.4-1.pulp.el6sat.x86_64
pulp-rpm-handlers-2.1.1-1.el6sat.noarch
pulp-rpm-plugins-2.1.1-1.el6sat.noarch
pulp-selinux-2.1.1-1.el6sat.noarch
pulp-server-2.1.1-1.el6sat.noarch
python-isodate-0.5.0-1.pulp.el6sat.noarch
python-oauth2-1.5.170-3.pulp.el6sat.noarch
python-pulp-agent-lib-2.1.1-1.el6sat.noarch
python-pulp-common-2.1.1-1.el6sat.noarch
python-pulp-rpm-common-2.1.1-1.el6sat.noarch
python-qpid-0.18-5.el6_4.noarch
python-rhsm-1.8.0-1.pulp.el6sat.x86_64
qpid-cpp-client-0.14-22.el6_3.x86_64
qpid-cpp-client-ssl-0.14-22.el6_3.x86_64
qpid-cpp-server-0.14-22.el6_3.x86_64
qpid-cpp-server-ssl-0.14-22.el6_3.x86_64
ruby193-rubygem-foreman-katello-engine-0.0.8-5.el6sat.noarch
ruby193-rubygem-katello-foreman-engine-0.0.3-4.el6sat.noarch
ruby193-rubygem-katello_api-0.0.3-2.el6_4.noarch
ruby193-rubygem-ldap_fluff-0.2.2-1.el6sat.noarch
signo-katello-0.0.16-1.el6sat.noarch

Now it is able to login and execute commands.
Comment 11 Mike McCune 2013-07-18 17:23:45 EDT
mass move to CLOSED:CURRENTRELEASE since MDP1 has been released.

Note You need to log in before you can comment on or make changes to this bug.