Sangeetha Hariharan created CLOUDSTACK-1588:
-----------------------------------------------
Summary: AWS Regions - When registerUserKeys() is called for a
user from a region that is not the owner , it is handled by this region.
Key: CLOUDSTACK-1588
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-1588
Project: CloudStack
Issue Type: Bug
Security Level: Public (Anyone can view this level - this is the default.)
Components: Management Server
Affects Versions: 4.1.0
Environment: Latest build from 4.1
Reporter: Sangeetha Hariharan
Fix For: 4.1.0
AWS Regions - When registerUserKeys() is called for a user from a region that
is not the owner , it is handled by this region.
Installed 1 management server.
Created few domains,accounts and users.
Installed 2nd management server . Following steps were done as part of adding
this region:
1. Install a 2nd CS instance.
2. While installing database set region_id using -r option in
cloud-setup-databases script.
cloud-setup-databases cloud:<dbpassword>@localhost --deploy-as=root:<password>
-e <encryption_type> -m <management_server_key> -k <database_key> -r <region_id>
3. Start mgmt server
4. Using addRegion API, add region 1 to region 2 and also region 2 to region 1.
5. copy account/user/domain tables from Region1 DB to Region2 DB:
mysqldump -u cloud -p -h <region1_db_host> cloud account user domain >
region1.sql
mysql -u cloud -p -h <region2_db_host> cloud < region1.sql
After following all the above steps , log in to region2.
>From region 2, generate api and secret keys for user that is created in region
>1.
registerUserKeys() succeeds , it is handled by this region.
Expected Behavior:
Since the region is NOT the owner of this user , registerUserKeys() should be
forwarded to region 1.
90BAB0D9) 10.216.50.136 -- GET
command=registerUserKeys&response=json&sessionkey=BmhcYJGQdjTvUDGQ%2BDFljo%2BiXOE%3D&id=c6ca317e-386e-43eb-8892-a702807e1935&_=1362703218862
200 { "registeruserkeysresponse" : { "userkeys" :
{"apikey":"kBSMu4EUPXDcTtoD9ynTtPCxBz3xT7QmWwnTe6d9WXdCjKnoMpn1d3e-abk2Mv1qNe0zo-623ifunG7ABNJSqg","secretkey":"K2B0IoZ0H-I-fHL9N8j1O6nvzxI2OBZtnYMJgjgEY5in71BJi-O7GWtl4zsLqkSvcr2AQYccNfk2UUi2fbEPQQ"}
} }
mysql> select * from user where uuid="c6ca317e-386e-43eb-8892-a702807e1935";
+----+--------------------------------------+------------+----------------------------------+------------+------------+------------+--------------------+---------+----------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------+---------------------+---------+---------------------+--------------------+---------------+--------------------------+-----------+
| id | uuid | username | password
| account_id | firstname | lastname | email | state
| api_key
| secret_key
| created
| removed | timezone | registration_token | is_registered |
incorrect_login_attempts | region_id |
+----+--------------------------------------+------------+----------------------------------+------------+------------+------------+--------------------+---------+----------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------+---------------------+---------+---------------------+--------------------+---------------+--------------------------+-----------+
| 4 | c6ca317e-386e-43eb-8892-a702807e1935 | san-test11 |
53d9012c4b85f29b8ff5c5c3606e9d62 | 4 | san-test11 | san-test11 |
[email protected] | enabled |
kBSMu4EUPXDcTtoD9ynTtPCxBz3xT7QmWwnTe6d9WXdCjKnoMpn1d3e-abk2Mv1qNe0zo-623ifunG7ABNJSqg
|
mVvsiK8h//Act2Q5MYk6xeoL+J97c6UsD6/iHqm6KpehoYaWPsd4NdM66MD2GwU+bS8vmTcOgl8pS+TV4LxVJG1w0X5vUyCfZEfHAd0bia5NMuBrVlot8OVbTiuo7spF
| 2013-03-06 19:35:54 | NULL | America/Los_Angeles | NULL |
0 | 0 | 1 |
+----+--------------------------------------+------------+----------------------------------+------------+------------+------------+--------------------+---------+----------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------+---------------------+---------+---------------------+--------------------+---------------+--------------------------+-----------+
1 row in set (0.00 sec)
mysql> select * from region;
+----+---------+------------------------------------+---------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------+
| id | name | end_point | api_key
| secret_key
|
+----+---------+------------------------------------+---------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------+
| 1 | region1 | http://10.223.131.202:8080/client/ |
jne_oosNAJtGpaW1U8ovFmLICPoHFDi0VjGsPCkL_FQhnqTt6ARVQQc5eoKmvJNnTTEVSQMkf17JLI2JnCYLQ
|
P3VIZycVsrGnkjZGwWVSC2MxCO686FPnJshvovq5v6M9HY2MieFbkQzIDo574FWsAI0vBB3C3Kt0io73ysimJw
|
| 2 | Local | http://localhost:8080/client/api |
|
|
+----+---------+------------------------------------+---------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
mysql>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
