8:08 a.m.
--=_3b67a522-cc8c-45aa-bd36-264bacfe713b
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Hello Everyone,
Anything else possible to check ?
Slava.
From: "Slava Bendersky" <volga629(a)networklab.ca>
To: "Ondra Machacek" <omachace(a)redhat.com>
Cc: "users" <users(a)ovirt.org>
Sent: Saturday, February 4, 2017 2:27:31 PM
Subject: Re: [ovirt-users] FreeIPA with ovirt 4.1
Hello Ondra,
Log is empty
[root@vhe00 ~]# ls -la /var/log/httpd/ssl_error_log
-rw-r--r--. 1 root root 0 Feb 2 04:45 /var/log/httpd/ssl_error_log
Slava.
From: "Ondra Machacek" <omachace(a)redhat.com>
To: "Slava Bendersky" <volga629(a)networklab.ca>
Cc: "users" <users(a)ovirt.org>, "Ravi" <rnori(a)redhat.com>
Sent: Saturday, February 4, 2017 10:35:31 AM
Subject: Re: [ovirt-users] FreeIPA with ovirt 4.1
On Feb 4, 2017 1:21 AM, "Slava Bendersky" < [ mailto:volga629@networklab.ca |
volga629(a)networklab.ca ] > wrote:
Hello Everyone,
Having trouble implement FreeIPA authentication with GSSAPI SSO and ovirt 4.1. I ran setup
and it finished OK then it wrote the files bellow. Next I log to web admin with internal
user and added FeeIPA user as SuperUser role. Also I added under System FreeIPA group
authorized to login on any attempt to login with FreeIPA credentials getting message
2017-02-04 00:03:08,464Z ERROR [org.ovirt.engine.core.sso.servlets.InteractiveAuthServlet]
(default task-6) [] Internal Server Error: Unsupported command
2017-02-04 00:03:08,464Z ERROR [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-6)
[] Unsupported command
2017-02-04 00:03:08,659Z ERROR [org.ovirt.engine.core.aaa.servlet.SsoPostLoginServlet]
(default task-3) [] server_error: Unsupported command
Ravi, do you know what this can cause?
BQ_BEGIN
Also when in extensions.d directory contain the following files. If I remove
mydomain.lan-authn.properties then in web ui FreeIPA domain not showing up in drop down
list. Any http don't have influence on this.
BQ_END
That is correct behavior, we dont show profiles, which uses http for authn.
BQ_BEGIN
[root@vhe00 extensions.d]# pwd
/etc/ovirt-engine/extensions.d
[root@vhe00 extensions.d]# ls
mydomain.lan-authn.properties mydomain.lan -http-authn.properties mydomain.lan .properties
internal-authz.properties
mydomain.lan -authz.properties mydomain.lan -http-mapping.properties
internal-authn.properties
[root@vhe00 extensions.d]#
If possible clarify how it should be and what is possible issue.
BQ_END
Can you please take a look to /var/log/httpd/ssl_error_log if any errors there?
BQ_BEGIN
Slava.
_______________________________________________
Users mailing list
[ mailto:Users@ovirt.org | Users(a)ovirt.org ]
[ http://lists.ovirt.org/mailman/listinfo/users |
http://lists.ovirt.org/mailman/listinfo/users ]
BQ_END
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
--=_3b67a522-cc8c-45aa-bd36-264bacfe713b
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable
<html><body><div style=3D"font-family: lucida console,sans-serif;
font-size=
: 12pt; color: #000000"><div>Hello Everyone,</div><div>Anything
else possib=
le to check ?</div><div><br
data-mce-bogus=3D"1"></div><div>Slava.</div><di=
v><br></div><hr id=3D"zwchr"
data-marker=3D"__DIVIDER__"><div data-marker=
=3D"__HEADERS__"><b>From: </b>"Slava Bendersky"
&lt;volga629(a)networklab.ca&=
gt;<br><b>To: </b>"Ondra Machacek"
&lt;omachace(a)redhat.com&gt;<br><b>Cc: </=
b>"users" &lt;users(a)ovirt.org&gt;<br><b>Sent:
</b>Saturday, February 4, 201=
7 2:27:31 PM<br><b>Subject: </b>Re: [ovirt-users] FreeIPA with ovirt
4.1<br=
Users
mailing list<br <a
href=3D"mailto:Users@ovirt.org"
target=3D"_blank">Users(a)ovirt.org</a><br=
<a
href=3D"http://lists.ovirt.org/mailman/listinfo/users" rel=3D"noreferrer=
"
target=3D"_blank">http://lists.ovirt.org/mailman/listinfo/us...
<br></blockquote></div></div></div></div><br></div></div><br>______________=
_________________________________<br>Users mailing
list<br>Users(a)ovirt.org<=
br>http://lists.ovirt.org/mailman/listinfo/users<br></div>...
ml --=_3b67a522-cc8c-45aa-bd36-264bacfe713b--
</div><br><div
data-marker=3D"__QUOTED_TEXT__"><div style=3D"font-family: =
lucida console,sans-serif; font-size: 12pt; color: #000000"><div>Hello
Ondr=
a,</div><div>Log is
empty </div><br><div><div>[root@vhe00 ~]# ls -la &=
nbsp;/var/log/httpd/ssl_error_log</div><div>-rw-r--r--. 1 root root 0 Feb
&=
nbsp;2 04:45
/var/log/httpd/ssl_error_log</div></div><br><div>Slava.</div><=
br><hr id=3D"zwchr"><div><b>From: </b>"Ondra
Machacek" &lt;omachace(a)redhat.=
com><br><b>To: </b>"Slava Bendersky"
&lt;volga629(a)networklab.ca&gt;<br><=
b>Cc: </b>"users" &lt;users(a)ovirt.org&gt;, "Ravi"
&lt;rnori(a)redhat.com&gt;<=
br><b>Sent: </b>Saturday, February 4, 2017 10:35:31
AM<br><b>Subject: </b>R=
e: [ovirt-users] FreeIPA with ovirt 4.1<br></div><br><div><div
dir=3D"auto"=
<div><br><div
class=3D"gmail_extra"><br><div class=3D"gmail_quote">On
Feb =
4, 2017 1:21 AM, "Slava Bendersky" <<a
href=3D"mailto:volga629@networkla=
b.ca" target=3D"_blank">volga629(a)networklab.ca</a>&gt;
wrote:<br><blockquot=
e class=3D"quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc
solid;pad=
ding-left:1ex"><div><div style=3D"font-family:lucida
console,sans-serif;fon=
t-size:12pt;color:#000000"><div>Hello Everyone,</div><div>Having
trouble im=
plement FreeIPA authentication with GSSAPI SSO and ovirt 4.1. I=
ran setup and it finished OK then it wrote the files bellow. Next I log to=
web admin with internal user and added FeeIPA user as SuperUser role. Also=
I added under System FreeIPA group authorized to login on any attempt to l=
ogin with FreeIPA credentials getting
message</div><br><br><div><div>2017-0=
2-04 00:03:08,464Z ERROR [org.ovirt.engine.core.sso.servlets.InteractiveAut=
hServlet] (default task-6) [] Internal Server Error: Unsupported command</d=
iv><div>2017-02-04 00:03:08,464Z ERROR [org.ovirt.engine.core.sso.utils.Sso=
Utils] (default task-6) [] Unsupported command</div><div>2017-02-04 00:03:0=
8,659Z ERROR [org.ovirt.engine.core.aaa.servlet.SsoPostLoginServlet] (defau=
lt task-3) [] server_error: Unsupported
command</div></div></div></div></bl=
ockquote></div></div></div><div
dir=3D"auto"><br></div><div dir=3D"auto">Ra=
vi, do you know what this can cause?</div><div
dir=3D"auto"><br></div><div =
dir=3D"auto"><div class=3D"gmail_extra"><div
class=3D"gmail_quote"><blockqu=
ote class=3D"quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc
solid;p=
adding-left:1ex"><div><div style=3D"font-family:lucida
console,sans-serif;f=
ont-size:12pt;color:#000000"><br><br><div>Also when in
extensions.d directo=
ry contain the following files. If I remove <span style=3D"color:#0000=
00;font-family:'lucida console',sans-serif;font-size:16px;font-style:normal=
;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:normal;=
letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;=
white-space:normal;word-spacing:0px;background-color:#ffffff;display:inline=
!important;float:none">mydomain.lan-authn.properties then in web ui FreeIPA=
domain not showing up in drop down list. Any http don't have influence on =
this.</span></div></div></div></blockquote></div></div></div><div
dir=3D"au=
to"><br></div><div dir=3D"auto">That is correct
behavior, we dont show prof=
iles, which uses http for authn.</div><div
dir=3D"auto"><br></div><div dir=
=3D"auto"><div class=3D"gmail_extra"><div
class=3D"gmail_quote"><blockquote=
class=3D"quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc
solid;padd=
ing-left:1ex"><div><div style=3D"font-family:lucida
console,sans-serif;font=
-size:12pt;color:#000000"><div><span
style=3D"color:#000000;font-family:'lu=
cida console',sans-serif;font-size:16px;font-style:normal;font-variant-liga=
tures:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:nor=
mal;text-align:start;text-indent:0px;text-transform:none;white-space:normal=
;word-spacing:0px;background-color:#ffffff;display:inline!important;float:n=
one"><br></span></div><div><div>[root@vhe00
extensions.d]# pwd</div><div>/e=
tc/ovirt-engine/extensions.d</div><br><div>[root@vhe00 extensions.d]#
ls</d=
iv><div>mydomain.lan-authn.properties <span
style=3D"color:#000000;fon=
t-family:'lucida console',sans-serif;font-size:16px;font-style:normal;font-=
variant-ligatures:normal;font-variant-caps:normal;font-weight:normal;letter=
-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-=
space:normal;word-spacing:0px;background-color:#ffffff;display:inline!impor=
tant;float:none">mydomain.lan</span>-http-authn.properties
<span styl=
e=3D"color:#000000;font-family:'lucida console',sans-serif;font-size:16px;f=
ont-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;fon=
t-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text=
-transform:none;white-space:normal;word-spacing:0px;background-color:#fffff=
f;display:inline!important;float:none">mydomain.lan</span>.properties
 =
; internal-authz.properties</div><div><span
style=3D"color:#00=
0000;font-family:'lucida console',sans-serif;font-size:16px;font-style:norm=
al;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:norma=
l;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:non=
e;white-space:normal;word-spacing:0px;background-color:#ffffff;display:inli=
ne!important;float:none">mydomain.lan</span>-authz.properties <span
st=
yle=3D"color:#000000;font-family:'lucida console',sans-serif;font-size:16px=
;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;f=
ont-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;te=
xt-transform:none;white-space:normal;word-spacing:0px;background-color:#fff=
fff;display:inline!important;float:none">mydomain.lan</span>-http-mapping.p=
roperties internal-authn.properties</div><div>[root@vhe00
extensions.=
d]# </div></div><br><br><div>If possible clarify
how it should be and =
what is possible
issue.</div></div></div></blockquote></div></div></div><di=
v dir=3D"auto"><br></div><div dir=3D"auto">Can
you please take a look to /v=
ar/log/httpd/ssl_error_log if any errors there?</div><div
dir=3D"auto"><br>=
</div><div dir=3D"auto"><div
class=3D"gmail_extra"><div class=3D"gmail_quot=
e"><blockquote class=3D"quote" style=3D"margin:0 0 0
.8ex;border-left:1px #=
ccc solid;padding-left:1ex"><div><div style=3D"font-family:lucida
console,s=
ans-serif;font-size:12pt;color:#000000"><span style=3D"color:
#888888;"><br=
<br><br><div>Slava. </div></span></div></div><br>____________________=
___________________________<br