Bug 991020 - webadmin portal: cannot login to "Administrator portal" after upgrade from is7 to is8
Summary: webadmin portal: cannot login to "Administrator portal" after upgrade from is...
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine-webadmin-portal
Version: 3.3.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: Nobody's working on this, feel free to take it
QA Contact: Pavel Stehlik
URL:
Whiteboard: ux
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-08-01 12:14 UTC by Ilia Meerovich
Modified: 2016-07-05 00:06 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-08-16 21:12:59 UTC
oVirt Team: ---
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Ilia Meerovich 2013-08-01 12:14:18 UTC 
I'm using Firefox ESR 17.0.5.

I was looged in with is7 version.
I did upgrade to is8 with rhevm-upgrade tool.
Now I cannot login to "Administrator portal" after upgrade from is7 to is8.
Firefox opens login window and i cannot enter user/password/domain  or press login button.

I can see next message in  /var/log/ovirt-engine/server.log:
2013-08-01 14:57:59,928 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/webadmin]] (ajp-/127.0.0.1:8702-2) Exception while dispatching incoming RPC call: java.lang.SecurityException: Blocked request without GWT base path header (XSRF attack?)
	at com.google.gwt.rpc.server.RpcServlet.getClientOracle(RpcServlet.java:95) [gwt-servlet.jar:]
	at com.google.gwt.rpc.server.RpcServlet.processPost(RpcServlet.java:205) [gwt-servlet.jar:]
	at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62) [gwt-servlet.jar:]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:754) [jboss-servlet-api_3.0_spec.jar:1.0.2.Final-redhat-1]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec.jar:1.0.2.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295) [jbossweb.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb.jar:7.2.0.Final-redhat-1]
	at org.ovirt.engine.ui.frontend.server.gwt.GwtCachingFilter.doFilter(GwtCachingFilter.java:132) [frontend.jar:]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb.jar:7.2.0.Final-redhat-1]
	at org.ovirt.engine.core.utils.servlet.LocaleFilter.doFilter(LocaleFilter.java:59) [utils.jar:]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230) [jbossweb.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:481) [jbossweb.jar:7.2.0.Final-redhat-1]
	at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web.jar:7.2.0.Final-redhat-8]
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145) [jbossweb.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb.jar:7.2.0.Final-redhat-1]
	at org.jboss.web.rewrite.RewriteValve.invoke(RewriteValve.java:465) [jbossweb.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:336) [jbossweb.jar:7.2.0.Final-redhat-1]
	at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:488) [jbossweb.jar:7.2.0.Final-redhat-1]
	at org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpProtocol.java:420) [jbossweb.jar:7.2.0.Final-redhat-1]
	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:920) [jbossweb.jar:7.2.0.Final-redhat-1]
	at java.lang.Thread.run(Thread.java:724) [rt.jar:1.7.0_25]

 (XSRF attack?)
	at com.google.gwt.rpc.server.RpcServlet.getCl
Comment 1 Itamar Heim 2013-08-01 19:56:25 UTC 
http://gerrit.ovirt.org/#/c/17567/
Comment 2 Einav Cohen 2013-08-16 20:24:25 UTC 
(In reply to Itamar Heim from comment #1)
> http://gerrit.ovirt.org/#/c/17567/

Alon: is this indeed a "duplicate" of Bug 990967 (symptoms described in both BZs are different)?
Comment 3 Alon Bar-Lev 2013-08-16 20:39:42 UTC 
(In reply to Einav Cohen from comment #2)
> (In reply to Itamar Heim from comment #1)
> > http://gerrit.ovirt.org/#/c/17567/
> 
> Alon: is this indeed a "duplicate" of Bug 990967 (symptoms described in both
> BZs are different)?

I don't know... maybe the same.

However, I do not understand why invest resources in issues of non stable product version upgrade into non stable product version.

If clean installation of latest engineering build is not working then I will look into it, also if upgrading from (latest-1) to latest worth looking into.

But going few none stable versions back is not something that ring an alarm.
Comment 4 Einav Cohen 2013-08-16 21:12:59 UTC 
thanks, Alon - agreed.
I am closing this one, as I assume clean installation of is8 is working appropriately. 
@Ilia - if this issue is still relevant (i.e. happens in a clean installation, for some reason, or when upgrading to the most recent rhevm-3.3 build release) - please re-open; thanks.
Note You need to log in before you can comment on or make changes to this bug.