-
Bug
-
Resolution: Won't Do
-
Minor
-
4.2.0.CR1
-
- EXEC: make sure you DONT have credentials stored in Eclipse
- EXEC: launch application wizard and use a new connection/existing one where you DONT have credentials stored in secure storage. In both cases you need to use openshift.redhat.com as server (wont happen in stg.openshift.redhat.com)
- EXEC: provide bogus password
Result:
I get an unknown error and not the authentication error reported:
EXEC: make sure you DONT have credentials stored in Eclipse EXEC: launch application wizard and use a new connection/existing one where you DONT have credentials stored in secure storage. In both cases you need to use openshift.redhat.com as server (wont happen in stg.openshift.redhat.com) EXEC: provide bogus password Result: I get an unknown error and not the authentication error reported:
The issues is that OpenShift Online responds with 500 Internal Server Error when invalid credentials are being used (where 401 Unauthorized is expect)
curl -v --user adietish@redhat.com:bogus https://openshift.redhat.com/broker/rest/user* Adding handle: conn: 0xaa8a80 * Adding handle: send: 0 * Adding handle: recv: 0 * Curl_addHandleToPipeline: length: 1 * - Conn 0 (0xaa8a80) send_pipe: 1, recv_pipe: 0 * About to connect() to openshift.redhat.com port 443 (#0) * Trying 50.19.249.93... * Connected to openshift.redhat.com (50.19.249.93) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * SSL connection using TLS_RSA_WITH_AES_128_CBC_SHA * Server certificate: * subject: CN=openshift.redhat.com,O=Red Hat Inc.,L=Raleigh,ST=North Carolina,C=US * start date: Jul 23 00:00:00 2014 GMT * expire date: Jul 27 12:00:00 2017 GMT * common name: openshift.redhat.com * issuer: CN=DigiCert SHA2 High Assurance Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US * Server auth using Basic with user 'adietish@redhat.com' > GET /broker/rest/user HTTP/1.1 > Authorization: Basic YWRpZXRpc2hAcmVkaGF0LmNvbTpib2d1cw== > User-Agent: curl/7.32.0 > Host: openshift.redhat.com > Accept: */* > < HTTP/1.1 500 < Cache-Control: no-cache, private < Content-Type: application/json; charset=utf-8 < Date: Wed, 24 Sep 2014 10:18:21 GMT < ProxyTime: D=374659 * Server Apache/2.2.15 (Red Hat) is not blacklisted < Server: Apache/2.2.15 (Red Hat) < Status: 500 < Strict-Transport-Security: max-age=15768000, includeSubDomains < Vary: Accept-Encoding,User-Agent < X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 3.0.21 < X-Rack-Cache: miss < X-Request-Id: b25500e832d6bbebb1bc7eee5e3175b4 < X-Runtime: 0.367919 < X-UA-Compatible: IE=Edge,chrome=1 < Content-Length: 376 < Connection: keep-alive < * Connection #0 to host openshift.redhat.com left intact {"api_version":1.7,"data":null,"messages":[{"exit_code":1,"field":null,"index":null,"severity":"error","text":"Unable to authenticate the user. Please try again and contact support if the issue persists. \nReference ID: b25500e832d6bbebb1bc7eee5e3175b4"}],"status":"internal_server_error","supported_api_versions":[1.0,1.1,1.2,1.3,1.4,1.5,1.6,1.7],"type":null,"version":"1.7"}
stg.openshift.redaht.com is responding with the correct 401:
[adietish@localhost openshift-java-client]$ curl -v --proxy https://file.rdu.redhat.com:3128 --user adietish@redhat.com:bogus https://stg.openshift.redhat.com/broker/rest/user * Adding handle: conn: 0x178dae0 * Adding handle: send: 0 * Adding handle: recv: 0 * Curl_addHandleToPipeline: length: 1 * - Conn 0 (0x178dae0) send_pipe: 1, recv_pipe: 0 * About to connect() to proxy file.rdu.redhat.com port 3128 (#0) * Trying 10.11.5.7... * Connected to file.rdu.redhat.com (10.11.5.7) port 3128 (#0) * Establish HTTP proxy tunnel to stg.openshift.redhat.com:443 * Server auth using Basic with user 'adietish@redhat.com' > CONNECT stg.openshift.redhat.com:443 HTTP/1.1 > Host: stg.openshift.redhat.com:443 > User-Agent: curl/7.32.0 > Proxy-Connection: Keep-Alive > < HTTP/1.0 200 Connection established < * Proxy replied OK to CONNECT request * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * SSL connection using TLS_DHE_RSA_WITH_AES_256_CBC_SHA * Server certificate: * subject: CN=stg.openshift.redhat.com,O=Red Hat Inc.,L=Raleigh,ST=North Carolina,C=US * start date: Apr 30 00:00:00 2014 GMT * expire date: May 04 12:00:00 2016 GMT * common name: stg.openshift.redhat.com * issuer: CN=DigiCert SHA2 High Assurance Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US * Server auth using Basic with user 'adietish@redhat.com' > GET /broker/rest/user HTTP/1.1 > Authorization: Basic YWRpZXRpc2hAcmVkaGF0LmNvbTpib2d1cw== > User-Agent: curl/7.32.0 > Host: stg.openshift.redhat.com > Accept: */* > < HTTP/1.1 401 < Date: Wed, 24 Sep 2014 10:19:22 GMT * Server Apache/2.2.15 (Red Hat) is not blacklisted < Server: Apache/2.2.15 (Red Hat) < X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 3.0.21 * Authentication problem. Ignoring this. < WWW-Authenticate: Basic realm="Application" < X-UA-Compatible: IE=Edge,chrome=1 < Cache-Control: no-cache, private < X-Request-Id: 5217138e18f0e036b1880d006e4c3cb6 < X-Runtime: 0.569233 < X-Rack-Cache: miss < Status: 401 < Content-Length: 27 < Content-Type: text/html; charset=utf-8 < Vary: Accept-Encoding,User-Agent < Strict-Transport-Security: max-age=15768000, includeSubDomains < ProxyTime: D=574882 < HTTP Basic: Access denied. * Connection #0 to host file.rdu.redhat.com left intact
