10:59 a.m.
Le 29/09/2016 à 08:36, Yedidyah Bar David a écrit :
On Wed, Sep 28, 2016 at 11:07 PM, Nicolas Ecarnot
<nicolas(a)ecarnot.net> wrote:
> Le 28/09/2016 à 20:47, Yaniv Kaul a écrit :
>
>
>> Apart that, by connecting into the engine VM, I saw that the engine
>> process was running, so I tried to access the web GUI, by running an SSH
>> connection to the bare-metal host :
>> ssh -L 8443:192.168.200.4:443 root(a)serv-hv-dev01.sdis.isere.fr
>>
>>
>> Accessing https://localhost:8443/ is working, but when trying to access
>> the login screen, I'm left with :
>> "The client is not authorized to request an authorization. It's
required
>> to access the system using FQDN."
>
>
> Add to your /etc/hosts
> 192.168.200.4 engine
>
> And connect to https://engine
>
>
> Yaniv,
>
> If you mean : "Change the /etc/hosts of the bare-metal server which is
> running Lago", I already tried that :
>
> root@serv-hv-dev01:/etc# cat /etc/hosts
> 127.0.0.1 localhost localhost.localdomain localhost4
> localhost4.localdomain4
> ::1 localhost localhost.localdomain localhost6
> localhost6.localdomain6
> 192.168.200.4 engine lago-basic-suite-4-0-engine.lago.local
>
> And of course, I adapted the "ssh -L" connection according to it :
> ssh -L 8443:engine:443 root@serv-hv-dev01
> or
> ssh -L 8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
>
> If you mean to change the /etc/hosts of the computer I'm initiating the ssh
> connection from, it does not seem relevant as it can not reach the internal
> 192.168.200/24 virtual subnet.
You can do something like this:
Add to your client's /etc/hosts:
127.0.3.1 engine
And then:
ssh -L engine:8443:lago-basic-suite-4-0-engine.lago.local:443 root@serv-hv-dev01
Hello,
Been there, tried that : to no avail.
In the engine log, I see :
2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils]
(default task-13) [] Parameter app_url not found request, using default
value
2016-09-29 03:35:15,236 ERROR [org.ovirt.engine.core.sso.utils.SsoUtils]
(default task-13) [] The client is not authorized to request an
authorization. It's required to access the system using FQDN.
2016-09-29 03:35:15,236 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils]
(default task-13) [] Exception:
org.ovirt.engine.core.sso.utils.OAuthException: The client is not
authorized to request an authorization. It's required to access the
system using FQDN.
at
org.ovirt.engine.core.sso.utils.SsoUtils.validateClientRequest(SsoUtils.java:460)
[enginesso.jar:]
at
org.ovirt.engine.core.sso.servlets.OAuthAuthorizeServlet.service(OAuthAuthorizeServlet.java:51)
[enginesso.jar:]
Moreover, reading https://www.ovirt.org/release/4.0.4/ , I see :
"it's required to access engine only using the same FQDN which was
specified during engine-setup invocation."
Isn't it the key of this issue?
Reading that, should I understand that from the moment this patch was
merged in, the "ssh -L" trick could not work anymore?
See also:
https://bugzilla.redhat.com/show_bug.cgi?id=1325746
I am not aware of lago support for this, patches are likely welcome :-)
I would be so glad to be skilled enough to contribute...
My skills are limited to testing and reporting.
--
Nicolas ECARNOT