Details
-
Bug
-
Resolution: Done
-
Major
-
jboss-fuse-6.2
-
%
-
-
6.3 Sprint 4 (Mar 28 - Apr 29)
Description
We have a user that is associated only with the SuperUser role. With debug logging enabled we can see the following error:
2015-10-08 14:44:17,237 | DEBUG | =git-upload-pack | GitSecureHttpContext | 102 - io.fabric8.fabric-git-server - 1.2.0.redhat-133 | Login failed javax.security.auth.login.FailedLoginException: User does not have the required role: admin at io.fabric8.git.http.GitSecureHttpContext.doAuthenticate(GitSecureHttpContext.java:184)[102:io.fabric8.fabric-git-server:1.2.0.redhat-133] at io.fabric8.git.http.GitSecureHttpContext.handleSecurity(GitSecureHttpContext.java:127)[102:io.fabric8.fabric-git-server:1.2.0.redhat-133] at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:68)[101:org.ops4j.pax.web.pax-web-jetty:3.2.3] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:240)[101:org.ops4j.pax.web.pax-web-jetty:3.2.3] at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:75)[101:org.ops4j.pax.web.pax-web-jetty:3.2.3] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.eclipse.jetty.server.Server.handle(Server.java:366)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:971)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1033)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)[94:org.eclipse.jetty.aggregate.jetty-all-server:8.1.17.v20150415] at java.lang.Thread.run(Thread.java:745)[:1.8.0_51]
Creating io.fabric8.git.server.properties to the default.profile:
# Add properties here role=SuperUser
I've also noted that this role may only be set to one user. Specifying additional roles here results in an error:
2015-10-08 15:21:16,739 | DEBUG | p1785143401-3787 | GitSecureHttpContext | 102 - io.fabric8.fabric-git-server - 1.2.0.redhat-133 | Login failed javax.security.auth.login.FailedLoginException: User does not have the required role: SuperUser, admin
This file should be provided and we should be able to set multiple roles