[ https://issues.apache.org/jira/browse/AIRAVATA-2594?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16336423#comment-16336423 ]
Eroma edited comment on AIRAVATA-2594 at 1/30/18 9:56 PM: ---------------------------------------------------------- Tested in dev.seagrid.org Test Cases # New user using campus credentials logged in from CILogon after been given gateway-user role. No authorization exception thrown. User logs in to Dashboard - PASS # New user using campus credentials logged in from CILogon after been given admin-read-only role. No authorization exception thrown. User logs in to Admin Dashboard - PASS # New user using campus credentials logged in from CILogon after been given admin role. No authorization exception thrown. User logs in to Admin Dashboard - # New user using google logged in from CILogon after been given gateway-user role. No authorization exception thrown. User logs in to Dashboard - # New user using google logged in from CILogon after been given admin-read-only role. No authorization exception thrown. User logs in to Admin Dashboard - # New user using google logged in from CILogon after been given admin role. No authorization exception thrown. User logs in to Admin Dashboard - # New user creates an account and logs in after been given gateway-user role. No authorization exception thrown. User logs in to Dashboard - # New user creates an account and logs in after been given admin-read-only role. No authorization exception thrown. User logs in to Admin Dashboard - # New user creates an account and logs in after been given admin-read-only role. No authorization exception thrown. User logs in to Admin Dashboard - # A New user using campus credentials through CILogon having gateway-user role given user-pending role. When logs in again sees the screen intended for pending user, no exceptions - # A New user using google through CILogon having admin-read-only role given user-pending role. When logs in again sees the screen intended for pending user, no exceptions - # A New user using created account having admin role given user-pending role. When logs in again sees the screen intended for pending user, no exceptions - was (Author: eroma_a): Tested in dev.seagrid.org Test Cases # New user using campus credentials logged in from CILogon after been given gateway-user role. No authorization exception thrown. User logs in to Dashboard - PASS # New user using campus credentials logged in from CILogon after been given admin-read-only role. No authorization exception thrown. User logs in to Admin Dashboard - # New user using campus credentials logged in from CILogon after been given admin role. No authorization exception thrown. User logs in to Admin Dashboard - # New user using google logged in from CILogon after been given gateway-user role. No authorization exception thrown. User logs in to Dashboard - # New user using google logged in from CILogon after been given admin-read-only role. No authorization exception thrown. User logs in to Admin Dashboard - # New user using google logged in from CILogon after been given admin role. No authorization exception thrown. User logs in to Admin Dashboard - # New user creates an account and logs in after been given gateway-user role. No authorization exception thrown. User logs in to Dashboard - # New user creates an account and logs in after been given admin-read-only role. No authorization exception thrown. User logs in to Admin Dashboard - # New user creates an account and logs in after been given admin-read-only role. No authorization exception thrown. User logs in to Admin Dashboard - # A New user using campus credentials through CILogon having gateway-user role given user-pending role. When logs in again sees the screen intended for pending user, no exceptions - # A New user using google through CILogon having admin-read-only role given user-pending role. When logs in again sees the screen intended for pending user, no exceptions - # A New user using created account having admin role given user-pending role. When logs in again sees the screen intended for pending user, no exceptions - > ssh account auto-provisioning fails for "gateway-user"? > ------------------------------------------------------- > > Key: AIRAVATA-2594 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2594 > Project: Airavata > Issue Type: Bug > Reporter: Marcus Christie > Assignee: Marcus Christie > Priority: Major > > Seeing this error in the logs when Stephen logged in to dev.seagrid.org > shortly after getting the gateway-user role: > {noformat} > [2017-11-16 01:54:20] production.ERROR: exception > 'Airavata\API\Error\AuthorizationException' with message 'User is not > authenticated or authorized.' in > /var/www/portals/dev-seagrid/app/libraries/Airavata/API/Airavata.php:51978 > Stack trace: > #0 > /var/www/portals/dev-seagrid/app/libraries/Airavata/API/Airavata.php(11933): > Airavata\API\Airavata_getGatewayResourc > eProfile_result->read(Object(Thrift\Protocol\TBinaryProtocol)) > #1 > /var/www/portals/dev-seagrid/app/libraries/Airavata/API/Airavata.php(11893): > Airavata\API\AiravataClient->recv_getGa > tewayResourceProfile() > #2 /var/www/portals/dev-seagrid/bootstrap/compiled.php(1452): > Airavata\API\AiravataClient->getGatewayResourceProfile(Ob > ject(Airavata\Model\Security\AuthzToken), 'seagrid') > #3 /var/www/portals/dev-seagrid/app/libraries/CRUtilities.php(549): > Illuminate\Support\Facades\Facade::__callStatic('ge > tGatewayResou...', Array) > #4 /var/www/portals/dev-seagrid/app/libraries/CRUtilities.php(549): > Airavata\Facades\Airavata::getGatewayResourceProfil > e(Object(Airavata\Model\Security\AuthzToken), 'seagrid') > #5 /var/www/portals/dev-seagrid/app/libraries/URPUtilities.php(187): > CRUtilities::getGatewayResourceProfile() > #6 /var/www/portals/dev-seagrid/app/controllers/AccountController.php(310): > URPUtilities::setup_auto_provisioned_accoun > ts() > #7 /var/www/portals/dev-seagrid/app/controllers/AccountController.php(178): > AccountController->initializeWithAiravata(' > stephenpaul2727', 'stephenpaul2727...', 'Stephen', 'Adithela', > 'eyJhbGciOiJSUzI...', 'eyJhbGciOiJSUzI...', 1510798758) > #8 [internal function]: AccountController->loginSubmit() > #9 > /var/www/portals/dev-seagrid/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(231): > call_user_func_arr > ay(Array, Array) > #10 /var/www/portals/dev-seagrid/bootstrap/compiled.php(3819): > Illuminate\Routing\Controller->callAction('loginSubmit', > Array) > #11 /var/www/portals/dev-seagrid/bootstrap/compiled.php(3807): > Illuminate\Routing\ControllerDispatcher->call(Object(Acc > ountController), Object(Illuminate\Routing\Route), 'loginSubmit') > #12 /var/www/portals/dev-seagrid/bootstrap/compiled.php(3012): > Illuminate\Routing\ControllerDispatcher->dispatch(Object > (Illuminate\Routing\Route), Object(Illuminate\Http\Request), > 'AccountControll...', 'loginSubmit') > #13 [internal function]: > Illuminate\Routing\Router->Illuminate\Routing\{closure}() > #14 /var/www/portals/dev-seagrid/bootstrap/compiled.php(3370): > call_user_func_array(Object(Closure), Array) > #15 /var/www/portals/dev-seagrid/bootstrap/compiled.php(3037): > Illuminate\Routing\Route->run(Object(Illuminate\Http\Req > uest)) > #16 /var/www/portals/dev-seagrid/bootstrap/compiled.php(3025): > Illuminate\Routing\Router->dispatchToRoute(Object(Illumi > nate\Http\Request)) > #17 /var/www/portals/dev-seagrid/bootstrap/compiled.php(702): > Illuminate\Routing\Router->dispatch(Object(Illuminate\Htt > p\Request)) > #18 /var/www/portals/dev-seagrid/bootstrap/compiled.php(678): > Illuminate\Foundation\Application->dispatch(Object(Illumi > nate\Http\Request)) > #19 /var/www/portals/dev-seagrid/bootstrap/compiled.php(5797): > Illuminate\Foundation\Application->handle(Object(Illumin > ate\Http\Request), 1, true) > #20 /var/www/portals/dev-seagrid/bootstrap/compiled.php(6404): > Illuminate\Session\Middleware->handle(Object(Illuminate\ > Http\Request), 1, true) > #21 /var/www/portals/dev-seagrid/bootstrap/compiled.php(6351): > Illuminate\Cookie\Queue->handle(Object(Illuminate\Http\R > equest), 1, true) > #22 /var/www/portals/dev-seagrid/bootstrap/compiled.php(8367): > Illuminate\Cookie\Guard->handle(Object(Illuminate\Http\R > equest), 1, true) > #23 /var/www/portals/dev-seagrid/bootstrap/compiled.php(639): > Stack\StackedHttpKernel->handle(Object(Illuminate\Http\Re > quest)) > {noformat} > Possibly gateway-user isn't authorized to make the getGatewayResourceProfile > method call. -- This message was sent by Atlassian JIRA (v7.6.3#76005)