Error during SSO authentication Cannot authenticate user 'admin@internal'
Since upgrading my test lab to ovirt 4.2 I can't get ovirt-provider-ovn to work. From ovirt-provider-ovn.log: 2017-11-14 00:40:15,795 Request: POST : /v2.0///tokens 2017-11-14 00:40:15,795 Request body: { "auth" : { "passwordCredentials" : { "username" : "admin@internal", "password" : "xxxxxxxxx" } } } 2017-11-14 00:40:15,819 Starting new HTTPS connection (1): h2-int 2017-11-14 00:40:20,829 "POST /ovirt-engine/sso/oauth/token HTTP/1.1" 400 118 2017-11-14 00:40:20,830 Error during SSO authentication Cannot authenticate user 'admin@internal': The username or password is incorrect.. : access_deniedNone Traceback (most recent call last): File "/usr/share/ovirt-provider-ovn/handlers/base_handler.py", line 119, in _handle_request method, path_parts, content) File "/usr/share/ovirt-provider-ovn/handlers/selecting_handler.py", line 177, in handle_request handler, content, parameters File "/usr/share/ovirt-provider-ovn/handlers/keystone.py", line 28, in call_response_handler return response_handler(content, parameters) File "/usr/share/ovirt-provider-ovn/handlers/keystone_responses.py", line 58, in post_tokens user_password=user_password) File "/usr/share/ovirt-provider-ovn/auth/plugin_facade.py", line 26, in create_token return auth.core.plugin.create_token(user_at_domain, user_password) File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/plugin.py", line 48, in create_token timeout=self._timeout()) File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 62, in create_token username, password, engine_url, ca_file, timeout) File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 54, in wrapper _check_for_error(response) File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 168, in _check_for_error result['error'], details)) Unauthorized: Error during SSO authentication Cannot authenticate user 'admin@internal': The username or password is incorrect.. : access_deniedNone And in engine.log: 2017-11-14 00:40:20,828+01 ERROR [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-16) [] OAuthException access_denied: Cannot authenticate user 'admin@internal': The username or password is incorrect.. The password in the request is the same as used to log in to the admin portal and works fine there. /Sverker
On Tue, Nov 14, 2017 at 12:44 AM, Sverker Abrahamsson < sverker@abrahamsson.com> wrote:
Since upgrading my test lab to ovirt 4.2 I can't get ovirt-provider-ovn to work. From ovirt-provider-ovn.log:
2017-11-14 00:40:15,795 Request: POST : /v2.0///tokens 2017-11-14 00:40:15,795 Request body: { "auth" : { "passwordCredentials" : { "username" : "admin@internal", "password" : "xxxxxxxxx" } } } 2017-11-14 00:40:15,819 Starting new HTTPS connection (1): h2-int 2017-11-14 00:40:20,829 "POST /ovirt-engine/sso/oauth/token HTTP/1.1" 400 118 2017-11-14 00:40:20,830 Error during SSO authentication Cannot authenticate user 'admin@internal': The username or password is incorrect.. : access_deniedNone Traceback (most recent call last): File "/usr/share/ovirt-provider-ovn/handlers/base_handler.py", line 119, in _handle_request method, path_parts, content) File "/usr/share/ovirt-provider-ovn/handlers/selecting_handler.py", line 177, in handle_request handler, content, parameters File "/usr/share/ovirt-provider-ovn/handlers/keystone.py", line 28, in call_response_handler return response_handler(content, parameters) File "/usr/share/ovirt-provider-ovn/handlers/keystone_responses.py", line 58, in post_tokens user_password=user_password) File "/usr/share/ovirt-provider-ovn/auth/plugin_facade.py", line 26, in create_token return auth.core.plugin.create_token(user_at_domain, user_password) File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/plugin.py", line 48, in create_token timeout=self._timeout()) File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 62, in create_token username, password, engine_url, ca_file, timeout) File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 54, in wrapper _check_for_error(response) File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 168, in _check_for_error result['error'], details)) Unauthorized: Error during SSO authentication Cannot authenticate user 'admin@internal': The username or password is incorrect.. : access_deniedNone
And in engine.log:
2017-11-14 00:40:20,828+01 ERROR [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-16) [] OAuthException access_denied: Cannot authenticate user 'admin@internal': The username or password is incorrect..
Could you please provide full engine logs so we can investigate? Thanks Martin
The password in the request is the same as used to log in to the admin portal and works fine there.
/Sverker
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
-- Martin Perina Associate Manager, Software Engineering Red Hat Czech s.r.o.
Can you connect to http://hostname:8080/ovirt-engine/api/ using this credentials? Even if the already posted stacktrace looks like expected, maybe you can share your /etc/ovirt-provider-ovn (without ovirt-sso-client-secret, which seems to be correct)? Thanks, Dominik On Tue, 14 Nov 2017 09:51:27 +0100 Martin Perina <mperina@redhat.com> wrote:
On Tue, Nov 14, 2017 at 12:44 AM, Sverker Abrahamsson < sverker@abrahamsson.com> wrote:
Since upgrading my test lab to ovirt 4.2 I can't get ovirt-provider-ovn to work. From ovirt-provider-ovn.log:
2017-11-14 00:40:15,795 Request: POST : /v2.0///tokens 2017-11-14 00:40:15,795 Request body: { "auth" : { "passwordCredentials" : { "username" : "admin@internal", "password" : "xxxxxxxxx" } } } 2017-11-14 00:40:15,819 Starting new HTTPS connection (1): h2-int 2017-11-14 00:40:20,829 "POST /ovirt-engine/sso/oauth/token HTTP/1.1" 400 118 2017-11-14 00:40:20,830 Error during SSO authentication Cannot authenticate user 'admin@internal': The username or password is incorrect.. : access_deniedNone Traceback (most recent call last): File "/usr/share/ovirt-provider-ovn/handlers/base_handler.py", line 119, in _handle_request method, path_parts, content) File "/usr/share/ovirt-provider-ovn/handlers/selecting_handler.py", line 177, in handle_request handler, content, parameters File "/usr/share/ovirt-provider-ovn/handlers/keystone.py", line 28, in call_response_handler return response_handler(content, parameters) File "/usr/share/ovirt-provider-ovn/handlers/keystone_responses.py", line 58, in post_tokens user_password=user_password) File "/usr/share/ovirt-provider-ovn/auth/plugin_facade.py", line 26, in create_token return auth.core.plugin.create_token(user_at_domain, user_password) File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/plugin.py", line 48, in create_token timeout=self._timeout()) File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 62, in create_token username, password, engine_url, ca_file, timeout) File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 54, in wrapper _check_for_error(response) File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 168, in _check_for_error result['error'], details)) Unauthorized: Error during SSO authentication Cannot authenticate user 'admin@internal': The username or password is incorrect.. : access_deniedNone
And in engine.log:
2017-11-14 00:40:20,828+01 ERROR [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-16) [] OAuthException access_denied: Cannot authenticate user 'admin@internal': The username or password is incorrect..
Could you please provide full engine logs so we can investigate?
Thanks
Martin
The password in the request is the same as used to log in to the admin portal and works fine there.
/Sverker
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
participants (3)
-
Dominik Holler -
Martin Perina -
Sverker Abrahamsson