Loading...

Details

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: jboss-fuse-6.3
Affects Version/s: jboss-fuse-6.2
Component/s: Fabric8 v1
Labels:
- QA_AUTOMATED
- QA_WILL_AUTOMATE

Fuse Progress Bar:

% %
Steps to Reproduce:

Hide

1. Create a Fabric
2. I'm on 6.2 P2 plus HF4, HF9 and HF10 although I do not believe this matters
3. update password accordingly and compile attached ldap bundle
4. Deploy to root container
5. tester5 is only assigned to the SuperUser group and one will see the error immediately. tester4 is in the admin group and works as expected.

Show
1. Create a Fabric 2. I'm on 6.2 P2 plus HF4, HF9 and HF10 although I do not believe this matters 3. update password accordingly and compile attached ldap bundle 4. Deploy to root container 5. tester5 is only assigned to the SuperUser group and one will see the error immediately. tester4 is in the admin group and works as expected.

Sprint:
6.3 Sprint 4 (Mar 28 - Apr 29)

SFDC Cases Counter:
SFDC Cases Links:

Description

We have a user that is associated only with the SuperUser role. With debug logging enabled we can see the following error:

2015-10-08 14:44:17,237 | DEBUG | =git-upload-pack | GitSecureHttpContext             | 102 - io.fabric8.fabric-git-server - 1.2.0.redhat-133 | Login failed
javax.security.auth.login.FailedLoginException: User does not have the required role: admin
	at io.fabric8.git.http.GitSecureHttpContext.doAuthenticate(GitSecureHttpContext.java:184)[102:io.fabric8.fabric-git-server:1.2.0.redhat-133]
	at io.fabric8.git.http.GitSecureHttpContext.handleSecurity(GitSecureHttpContext.java:127)[102:io.fabric8.fabric-git-server:1.2.0.redhat-133]
	at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:68)[101:org.ops4j.pax.web.pax-web-jetty:3.2.3]
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:240)[101:org.ops4j.pax.web.pax-web-jetty:3.2.3]
	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:75)[101:org.ops4j.pax.web.pax-web-jetty:3.2.3]
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.eclipse.jetty.server.Server.handle(Server.java:366)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:971)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1033)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415]
	at java.lang.Thread.run(Thread.java:745)[:1.8.0_51]

Creating io.fabric8.git.server.properties to the default.profile:

# Add properties here
role=SuperUser

I've also noted that this role may only be set to one user. Specifying additional roles here results in an error:

2015-10-08 15:21:16,739 | DEBUG | p1785143401-3787 | GitSecureHttpContext             | 102 - io.fabric8.fabric-git-server - 1.2.0.redhat-133 | Login failed
javax.security.auth.login.FailedLoginException: User does not have the required role: SuperUser, admin

This file should be provided and we should be able to set multiple roles

fabric-git-server defaults to admin role and may only be associated with one role

Details

Description

Attachments

Activity

People

Dates