[katello-devel] Weird issue after upgrade
Marek Hulan
mhulan at redhat.com
Wed May 15 14:20:18 UTC 2013
On Wednesday 15 of May 2013 09:25:23 Bryan Kearney wrote:
> On 05/15/2013 03:24 AM, Marek Hulan wrote:
> > On Tuesday 14 of May 2013 21:53:02 Justin Sherrill wrote:
> >> On 05/14/2013 09:41 PM, Og Maciel wrote:
> >>> Upgraded from a Friday build to today's and everything went smoothly,
> >>> but
> >>> using the web ui fails to load properly, displaying only "invalid
> >>> credentials" on a blank page. I thought it was some caching issue but
> >>> even after clearing the cache and even restarting firefox, I still
> >>> cannot
> >>> get the UI to show up.
> >>>
> >>> ==> /var/log/katello/thin-log.5015.log<==
> >>> WARNING: making https request to https://<SERVER>/signo/user/admin
> >>> without
> >>> verifying server certificate; no CA path was specified.
> >>>
> >>> ==> /var/log/katello/production.log<==
> >>> [ERROR 2013-05-14 21:35:17 app 66dc99ffe19bd6d7ee3aa01e75ed2915 #26133]
> >>> OpenID authentication failed: missing [ WARN 2013-05-14 21:35:17 app
> >>> 66dc99ffe19bd6d7ee3aa01e75ed2915 #26133] Request is unauthenticated_api
> >>> for 127.0.0.1
> >>>
> >>> Ideas?
> >>
> >> I saw the same thing on a nightly f18 build as well. I disabled SSO in
> >> my build to get me past it, but I'm the deeper issue remains.
> >>
> >> -Justin
> >>
> >> _______________________________________________
> >> katello-devel mailing list
> >> katello-devel at redhat.com
> >> https://www.redhat.com/mailman/listinfo/katello-devel
> >
> > I experienced this as well on LDAP based configuration. It happened to me
> > when I tried to login as a user that is in LDAP but not yet created in
> > Katello DB. When you login to Signo as such user and then try to access
> > Katello, Signo tells you this is the user A however Katello does not know
> > any user A.
> >
> > With this patch [1] a user in such case will see old Katello login form so
> > he can login using his LDAP credentials. Then he is automatically created
> > in Katello D and next time, Signo will work as expected.
> >
> > As soon as Signo starts providing user info we'll be able to create users
> > on fly as well. Meanwhile user must login using old system at first to be
> > created in Katello.
> >
> > [1]https://github.com/Katello/katello/pull/2270
>
> Can we solve the usr creation from Signo for MDP1?
I'm afraid it's a bigger a task than it may look like. We have to decide from
where to take user information, how to serve them etc. It's heavily connected
to user management features of Signo, currently user information are stored in
Katello or LDAP. We'll have to decide whether we want Signo to create it's own
storage or will be able to fetch information online from all supported auth
backends (e.g. for kerberos this would not be possible).
--
Marek
More information about the katello-devel
mailing list