
On Thu, Mar 21, 2019 at 3:46 PM Gianluca Cecchi <gianluca.cecchi@gmail.com> wrote:
. . .
I'm trying to add with name "MYOVN" from web admin gui: should I use instead another name?
Gianluca
Tried also this as detailed by Dominik, renewing certificates:
https://www.mail-archive.com/users@ovirt.org/msg53697.html Not understood what to do in step 2. Use the SSO_CLIENT_SECRET from the outfile produced by the previous command in /etc/ovirt-provider-ovn/conf.d/10-setup-ovirt-provider-ovn.conf "Use" in which way??? I named with default "ovirt-provider-ovn" the OVN provider, after enabling debug in OVN I get thsi when I test the connection in web admin gui 2019-03-22 10:40:41,917 root From: ::ffff:10.4.192.43:44744 Request: POST /v2.0/tokens 2019-03-22 10:40:41,918 root Request body: {"auth": {"passwordCredentials": {"username": "admin@internal", "password": "<PASSWORD_HIDDEN>"}}} 2019-03-22 10:40:41,918 auth.plugins.ovirt.sso Connecting to oVirt engine's SSO module: https://ovmgr1.mydomain:443/ovirt-engine/sso/oauth/token 2019-03-22 10:40:41,918 auth.plugins.ovirt.sso Connecting to oVirt engine's SSO module: https://ovmgr1.mydomain:443/ovirt-engine/sso/oauth/token 2019-03-22 10:40:41,921 urllib3.connectionpool Starting new HTTPS connection (1): ovmgr1.mydomain 2019-03-22 10:40:46,961 urllib3.connectionpool https://ovmgr1.mydomain:443 "POST /ovirt-engine/sso/oauth/token HTTP/1.1" 400 148 2019-03-22 10:40:46,964 root From: ::ffff:10.4.192.43:44744 Request: POST /v2.0/tokens 2019-03-22 10:40:46,964 root Request body: {"auth": {"passwordCredentials": {"username": "admin@internal", "password": "<PASSWORD_HIDDEN>"}}} 2019-03-22 10:40:46,964 root Error during SSO authentication Cannot authenticate user 'admin@internal': Unable to log in. Verify your login information or contact the system administrator.. : access_denied Traceback (most recent call last): File "/usr/share/ovirt-provider-ovn/handlers/base_handler.py", line 134, in _handle_request method, path_parts, content File "/usr/share/ovirt-provider-ovn/handlers/selecting_handler.py", line 175, in handle_request return self.call_response_handler(handler, content, parameters) File "/usr/share/ovirt-provider-ovn/handlers/keystone.py", line 33, in call_response_handler return response_handler(content, parameters) File "/usr/share/ovirt-provider-ovn/handlers/keystone_responses.py", line 62, in post_tokens user_password=user_password) File "/usr/share/ovirt-provider-ovn/auth/plugin_facade.py", line 26, in create_token return auth.core.plugin.create_token(user_at_domain, user_password) File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/plugin.py", line 48, in create_token timeout=self._timeout()) File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 75, in create_token username, password, engine_url, ca_file, timeout) File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 91, in _get_sso_token timeout=timeout File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 55, in wrapper _check_for_error(response) File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 181, in _check_for_error result['error'], details)) Unauthorized: Error during SSO authentication Cannot authenticate user 'admin@internal': Unable to log in. Verify your login information or contact the system administrator.. : access_denied It seems I have not completely understood the link between SSO and admin@internal as a user for OVN authentication.... Gianluca