CLOUDSTACK-2516: Documenting the required components.xml change to deal with the authenticator behavior changes in 4.1
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/bf8b0983 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/bf8b0983 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/bf8b0983 Branch: refs/heads/4.1 Commit: bf8b09834fbeb0e67bdf52299ed2d0812844b665 Parents: c24edb0 Author: Chip Childers <[email protected]> Authored: Wed May 22 12:01:58 2013 -0400 Committer: Chip Childers <[email protected]> Committed: Wed May 22 12:01:58 2013 -0400 ---------------------------------------------------------------------- docs/en-US/Release_Notes.xml | 51 +++++++++++++++++++++++++++++++++++++ 1 files changed, 51 insertions(+), 0 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bf8b0983/docs/en-US/Release_Notes.xml ---------------------------------------------------------------------- diff --git a/docs/en-US/Release_Notes.xml b/docs/en-US/Release_Notes.xml index 9514980..e1cd292 100644 --- a/docs/en-US/Release_Notes.xml +++ b/docs/en-US/Release_Notes.xml @@ -4710,6 +4710,23 @@ under the License. <listitem> <para>If you have made changes to <filename>/etc/cloud/management/components.xml</filename>, you'll need to carry these over manually to the new file, <filename>/etc/cloudstack/management/componentContext.xml</filename>. This is not done automatically. (If you're unsure, we recommend making a backup of the original <filename>components.xml</filename> to be on the safe side.</para> </listitem> + <listitem> + <para>After upgrading to 4.1, API clients are expected to send plain text passwords for login and user creation, instead of MD5 hash. Incase, api client changes are not acceptable, following changes are to be made for backward compatibility:</para> + <para>Modify componentsContext.xml, and make PlainTextUserAuthenticator as the default authenticator (1st entry in the userAuthenticators adapter list is default)</para> + <programlisting language="XML"> +<!-- Security adapters --> +<bean id="userAuthenticators" class="com.cloud.utils.component.AdapterList"> + <property name="Adapters"> + <list> + <ref bean="PlainTextUserAuthenticator"/> + <ref bean="MD5UserAuthenticator"/> + <ref bean="LDAPUserAuthenticator"/> + </list> + </property> +</bean> + </programlisting> + <para>PlainTextUserAuthenticator works the same way MD5UserAuthenticator worked prior to 4.1.</para> + </listitem> <listitem id="upgrade-deb-packages"> <para>If you are using Ubuntu, follow this procedure to upgrade your packages. If not, skip to step <xref linkend="upgrade-rpm-packages" />.</para> <note><title>Community Packages</title> @@ -5077,6 +5094,23 @@ under the License. </note> </listitem> <listitem> + <para>After upgrading to 4.1, API clients are expected to send plain text passwords for login and user creation, instead of MD5 hash. Incase, api client changes are not acceptable, following changes are to be made for backward compatibility:</para> + <para>Modify componentsContext.xml, and make PlainTextUserAuthenticator as the default authenticator (1st entry in the userAuthenticators adapter list is default)</para> + <programlisting language="XML"> +<!-- Security adapters --> +<bean id="userAuthenticators" class="com.cloud.utils.component.AdapterList"> + <property name="Adapters"> + <list> + <ref bean="PlainTextUserAuthenticator"/> + <ref bean="MD5UserAuthenticator"/> + <ref bean="LDAPUserAuthenticator"/> + </list> + </property> +</bean> + </programlisting> + <para>PlainTextUserAuthenticator works the same way MD5UserAuthenticator worked prior to 4.1.</para> + </listitem> + <listitem> <para>Start the first Management Server. Do not start any other Management Server nodes yet.</para> <programlisting language="Bash"><prompt>#</prompt> service cloudstack-management start</programlisting> @@ -5609,6 +5643,23 @@ under the License. </orderedlist> </listitem> <listitem> + <para>After upgrading to 4.1, API clients are expected to send plain text passwords for login and user creation, instead of MD5 hash. Incase, api client changes are not acceptable, following changes are to be made for backward compatibility:</para> + <para>Modify componentsContext.xml, and make PlainTextUserAuthenticator as the default authenticator (1st entry in the userAuthenticators adapter list is default)</para> + <programlisting language="XML"> +<!-- Security adapters --> +<bean id="userAuthenticators" class="com.cloud.utils.component.AdapterList"> + <property name="Adapters"> + <list> + <ref bean="PlainTextUserAuthenticator"/> + <ref bean="MD5UserAuthenticator"/> + <ref bean="LDAPUserAuthenticator"/> + </list> + </property> +</bean> + </programlisting> + <para>PlainTextUserAuthenticator works the same way MD5UserAuthenticator worked prior to 4.1.</para> + </listitem> + <listitem> <para>If you have made changes to your existing copy of the <filename>/etc/cloud/management/db.properties</filename> file in your previous-version CloudStack installation, the changes will be preserved in the upgrade. However, you need
