How do you login? Do you use webadmin or API/SDK, if using SDK, don't
you use kerberos=True?

On Wed, Jun 28, 2017 at 5:21 PM, Fabrice Bacchella
<fabrice.bacche...@orange.fr> wrote:
> I tried to add a user in ovirt, but it's not identified:
> 2017-06-28 16:48:48,505+02 ERROR
> [org.ovirt.engine.core.sso.utils.NegotiateAuthUtils] (default task-22) []
> External Authentication Failed: Cannot resolve principal
> 'rexecutor@internal'
>
>
> /usr/bin/ovirt-aaa-jdbc-tool user  show rexecutor
> -- User rexecutor(b1727291-5ad4-4575-b8ec-53bdc9ce4aef) --
> Namespace: *
> Name: rexecutor
> ID: b1727291-5ad4-4575-b8ec-53bdc9ce4aef
> Display Name:
> Email:
> First Name:
> Last Name:
> Department:
> Title:
> Description:
> Account Disabled: false
> Account Locked: false
> Account Unlocked At: 2017-06-16 13:49:31Z
> Account Valid From: 2017-06-15 16:41:14Z
> Account Valid To: 2217-06-15 16:41:14Z
> Account Without Password: true
> Last successful Login At: 1970-01-01 00:00:00Z
> Last unsuccessful Login At: 1970-01-01 00:00:00Z
> Password Valid To: 2025-08-15 10:30:00Z
>
> It's listed as a known user:
> <user href="/ovirt-engine/api/users/49a12b6e-de03-4095-b6ed-2c1883f5542e"
> id="49a12b6e-de03-4095-b6ed-2c1883f5542e">
>   <department></department>
>
> <domain_entry_id>62313732373239312D356164342D343537352D623865632D353362646339636534616566</domain_entry_id>
>   <email></email>
>   <last_name></last_name>
>   <name></name>
>   <namespace>*</namespace>
>   <principal>rexecutor</principal>
>   <user_name>rexecutor@internal-authz</user_name>
>   <domain href="/ovirt-engine/api/domains/696E7465726E616C2D617574687A"
> id="696E7465726E616C2D617574687A">
>     <name>internal-authz</name>
>   </domain>
>   <permissions
> href="/ovirt-engine/api/users/49a12b6e-de03-4095-b6ed-2c1883f5542e/permissions"/>
>   <roles
> href="/ovirt-engine/api/users/49a12b6e-de03-4095-b6ed-2c1883f5542e/roles"/>
>   <ssh_public_keys
> href="/ovirt-engine/api/users/49a12b6e-de03-4095-b6ed-2c1883f5542e/sshpublickeys"/>
>   <tags
> href="/ovirt-engine/api/users/49a12b6e-de03-4095-b6ed-2c1883f5542e/tags"/>
> </user>
>
> My admin domain authentication looks OK:
> config.datasource.jdbcurl=jdbc:postgresql://pgdb:5432/ovirt_engine?sslfactory=org.postgresql.ssl.NonValidatingFactory
> config.datasource.dbuser=ovirt
> config.datasource.dbpassword=XXX
> config.datasource.jdbcdriver=org.postgresql.Driver
> config.datasource.schemaname=aaa_jdbc
>
> It tried to increase org.ovirt.engine.core.sso.utils debug log level by
> modifying /usr/share/ovirt-engine/services/ovirt-engine/ovirt-engine.xml.in
>
> diff ovirt-engine.xml.in*
> 201,204d200
> <       <logger category="org.ovirt.engine.core.sso.utils">
> <         <level name="ALL"/>
> <       </logger>
> <
>
> I just got in the log:
> 2017-06-28 17:17:09,404+02 DEBUG
> [org.ovirt.engine.core.sso.utils.NonInteractiveAuth] (default task-7) []
> Performing Negotiate Auth
> 2017-06-28 17:17:09,404+02 DEBUG
> [org.ovirt.engine.core.sso.utils.NegotiateAuthUtils] (default task-7) []
> Performing external authentication
> 2017-06-28 17:17:09,410+02 ERROR
> [org.ovirt.engine.core.sso.utils.NegotiateAuthUtils] (default task-7) []
> External Authentication Failed: Cannot resolve principal
> 'rexecutor@internal'
> 2017-06-28 17:17:09,410+02 DEBUG
> [org.ovirt.engine.core.sso.utils.NegotiateAuthUtils] (default task-7) []
> External Authentication Failed: Class: class
> org.ovirt.engine.core.extensions.mgr.ExtensionInvokeCommandFailedException
> Input:
> {Extkey[name=EXTENSION_INVOKE_COMMAND;type=class
> org.ovirt.engine.api.extensions.ExtUUID;uuid=EXTENSION_INVOKE_COMMAND[485778ab-bede-4f1a-b823-77b262a2f28d];]=AAA_AUTHZ_FETCH_PRINCIPAL_RECORD[5a5bf9bb-9336-4376-a823-26efe1ba26df],
> Extkey[name=AAA_AUTHZ_QUERY_FLAGS;type=class
> java.lang.Integer;uuid=AAA_AUTHZ_QUERY_FLAGS[97d226e9-8d87-49a0-9a7f-af689320907b];]=3,
> Extkey[name=EXTENSION_INVOKE_CONTEXT;type=class
> org.ovirt.engine.api.extensions.ExtMap;uuid=EXTENSION_INVOKE_CONTEXT[886d2ebb-312a-49ae-9cc3-e1f849834b7d];]={Extkey[name=AAA_AUTHZ_AVAILABLE_NAMESPACES;type=interface
> java.util.Collection;uuid=AAA_AUTHZ_AVAILABLE_NAMESPACES[6dffa34c-955f-486a-bd35-0a272b45a711];]=[DC=XXX],
> Extkey[name=EXTENSION_LICENSE;type=class
> java.lang.String;uuid=EXTENSION_LICENSE[8a61ad65-054c-4e31-9c6d-1ca4d60a4c18];]=ASL
> 2.0, Extkey[name=EXTENSION_GLOBAL_CONTEXT;type=class
> org.ovirt.engine.api.extensions.ExtMap;uuid=EXTENSION_GLOBAL_CONTEXT[9799e72f-7af6-4cf1-bf08-297bc8903676];]=*skip*,
> Extkey[name=EXTENSION_NAME;type=class
> java.lang.String;uuid=EXTENSION_NAME[651381d3-f54f-4547-bf28-b0b01a103184];]=ovirt-engine-extension-aaa-ldap.authz,
> Extkey[name=EXTENSION_MANAGER_TRACE_LOG;type=interface
> org.slf4j.Logger;uuid=EXTENSION_MANAGER_TRACE_LOG[863db666-3ea7-4751-9695-918a3197ad83];]=org.slf4j.impl.Slf4jLogger(org.ovirt.engine.core.extensions.mgr.ExtensionsManager.trace.ovirt-engine-extension-aaa-ldap.authz.XXX-authz),
> Extkey[name=EXTENSION_CONFIGURATION_SENSITIVE_KEYS;type=interface
> java.util.Collection;uuid=EXTENSION_CONFIGURATION_SENSITIVE_KEYS[a456efa1-73ff-4204-9f9b-ebff01e35263];]=[],
> Extkey[name=EXTENSION_VERSION;type=class
> java.lang.String;uuid=EXTENSION_VERSION[fe35f6a8-8239-4bdb-ab1a-af9f779ce68c];]=1.3.1,
> Extkey[name=EXTENSION_PROVIDES;type=interface
> java.util.Collection;uuid=EXTENSION_PROVIDES[8cf373a6-65b5-4594-b828-0e275087de91];]=[org.ovirt.engine.api.extensions.aaa.Authz],
> Extkey[name=EXTENSION_AUTHOR;type=class
> java.lang.String;uuid=EXTENSION_AUTHOR[ef242f7a-2dad-4bc5-9aad-e07018b7fbcc];]=The
> oVirt Project, Extkey[name=EXTENSION_LOCALE;type=class
> java.lang.String;uuid=EXTENSION_LOCALE[0780b112-0ce0-404a-b85e-8765d778bb29];]=en_US,
> Extkey[name=EXTENSION_CONFIGURATION_FILE;type=class
> java.lang.String;uuid=EXTENSION_CONFIGURATION_FILE[4fb0ffd3-983c-4f3f-98ff-9660bd67af6a];]=/etc/ovirt-engine/extensions.d/XXXX-authz.properties,
> Extkey[name=EXTENSION_HOME_URL;type=class
> java.lang.String;uuid=EXTENSION_HOME_URL[4ad7a2f4-f969-42d4-b399-72d192e18304];]=http://www.ovirt.org,
> Extkey[name=EXTENSION_CONFIGURATION;type=class
> java.util.Properties;uuid=EXTENSION_CONFIGURATION[2d48ab72-f0a1-4312-b4ae-5068a226b0fc];]=***,
> Extkey[name=EXTENSION_INTERFACE_VERSION_MAX;type=class
> java.lang.Integer;uuid=EXTENSION_INTERFACE_VERSION_MAX[f4cff49f-2717-4901-8ee9-df362446e3e7];]=0,
> Extkey[name=AAA_AUTHZ_QUERY_MAX_FILTER_SIZE;type=class
> java.lang.Integer;uuid=AAA_AUTHZ_QUERY_MAX_FILTER_SIZE[2eb1f541-0f65-44a1-a6e3-014e247595f5];]=50,
> Extkey[name=EXTENSION_INTERFACE_VERSION_MIN;type=class
> java.lang.Integer;uuid=EXTENSION_INTERFACE_VERSION_MIN[2b84fc91-305b-497b-a1d7-d961b9d2ce0b];]=0,
> Extkey[name=EXTENSION_INSTANCE_NAME;type=class
> java.lang.String;uuid=EXTENSION_INSTANCE_NAME[65c67ff6-aeca-4bd5-a245-8674327f011b];]=XXXX-authz,
> Extkey[name=EXTENSION_BUILD_INTERFACE_VERSION;type=class
> java.lang.Integer;uuid=EXTENSION_BUILD_INTERFACE_VERSION[cb479e5a-4b23-46f8-aed3-56a4747a8ab7];]=0,
> Extkey[name=EXTENSION_NOTES;type=class
> java.lang.String;uuid=EXTENSION_NOTES[2da5ad7e-185a-4584-aaff-97f66978e4ea];]=Display
> name: ovirt-engine-extension-aaa-ldap-1.3.1-1.el7.centos},
> Extkey[name=AAA_AUTHN_AUTH_RECORD;type=class
> org.ovirt.engine.api.extensions.ExtMap;uuid=AAA_AUTHN_AUTH_RECORD[e9462168-b53b-44ac-9af5-f25e1697173e];]={Extkey[name=AAA_AUTHN_AUTH_RECORD_PRINCIPAL;type=class
> java.lang.String;uuid=AAA_AUTHN_AUTH_RECORD_PRINCIPAL[c3498f07-11fe-464c-958c-8bd7490b119a];]=rexecutor@internal}}
> Output:
> {Extkey[name=EXTENSION_INVOKE_MESSAGE;type=class
> java.lang.String;uuid=EXTENSION_INVOKE_MESSAGE[b7b053de-dc73-4bf7-9d26-b8bdb72f5893];]=Cannot
> resolve principal 'rexecutor@internal',
> Extkey[name=EXTENSION_INVOKE_RESULT;type=class
> java.lang.Integer;uuid=EXTENSION_INVOKE_RESULT[0909d91d-8bde-40fb-b6c0-099c772ddd4e];]=2}
>
> at
> org.ovirt.engine.core.extensions.mgr.ExtensionProxy.invoke(ExtensionProxy.java:95)
> [extensions-manager.jar:]
> at
> org.ovirt.engine.core.extensions.mgr.ExtensionProxy.invoke(ExtensionProxy.java:109)
> [extensions-manager.jar:]
> at
> org.ovirt.engine.core.sso.utils.NegotiateAuthUtils.doAuth(NegotiateAuthUtils.java:122)
> [enginesso.jar:]
> at
> org.ovirt.engine.core.sso.utils.NegotiateAuthUtils.doAuth(NegotiateAuthUtils.java:68)
> [enginesso.jar:]
> at
> org.ovirt.engine.core.sso.utils.NonInteractiveAuth$2.doAuth(NonInteractiveAuth.java:51)
> [enginesso.jar:]
> at
> org.ovirt.engine.core.sso.servlets.OAuthTokenServlet.issueTokenUsingHttpHeaders(OAuthTokenServlet.java:183)
> [enginesso.jar:]
> at
> org.ovirt.engine.core.sso.servlets.OAuthTokenServlet.service(OAuthTokenServlet.java:72)
> [enginesso.jar:]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
> [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
> at
> io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> org.ovirt.engine.core.branding.BrandingFilter.doFilter(BrandingFilter.java:73)
> [branding.jar:]
> at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> org.ovirt.engine.core.utils.servlet.LocaleFilter.doFilter(LocaleFilter.java:66)
> [utils.jar:]
> at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> org.ovirt.engine.core.utils.servlet.HeaderFilter.doFilter(HeaderFilter.java:94)
> [utils.jar:]
> at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
> at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
> at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:805)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> [rt.jar:1.8.0_121]
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> [rt.jar:1.8.0_121]
> at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_121]
>
> 2017-06-28 17:17:09,414+02 DEBUG
> [org.ovirt.engine.core.sso.utils.NegotiateAuthUtils] (default task-7) []
> External Authentication result: false
> 2017-06-28 17:17:09,414+02 ERROR [org.ovirt.engine.core.sso.utils.SsoUtils]
> (default task-7) [] OAuthException access_denied: Cannot authenticate user
> Authentication failed..
> 2017-06-28 17:17:09,414+02 DEBUG [org.ovirt.engine.core.sso.utils.SsoUtils]
> (default task-7) [] Exception:
> org.ovirt.engine.core.sso.utils.OAuthException: Cannot authenticate user
> Authentication failed..
> at
> org.ovirt.engine.core.sso.utils.SsoUtils.sendJsonDataWithMessage(SsoUtils.java:569)
> [enginesso.jar:]
> at
> org.ovirt.engine.core.sso.servlets.OAuthTokenServlet.service(OAuthTokenServlet.java:81)
> [enginesso.jar:]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
> [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
> at
> io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> org.ovirt.engine.core.branding.BrandingFilter.doFilter(BrandingFilter.java:73)
> [branding.jar:]
> at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> org.ovirt.engine.core.utils.servlet.LocaleFilter.doFilter(LocaleFilter.java:66)
> [utils.jar:]
> at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> org.ovirt.engine.core.utils.servlet.HeaderFilter.doFilter(HeaderFilter.java:94)
> [utils.jar:]
> at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
> at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
> at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at
> io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
> [undertow-servlet-1.4.0.Final.jar:1.4.0.Final]
> at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:805)
> [undertow-core-1.4.0.Final.jar:1.4.0.Final]
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> [rt.jar:1.8.0_121]
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> [rt.jar:1.8.0_121]
> at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_121]
> Caused by: org.ovirt.engine.core.sso.utils.AuthenticationException: Cannot
> authenticate user Authentication failed..
> at
> org.ovirt.engine.core.sso.servlets.OAuthTokenServlet.issueTokenUsingHttpHeaders(OAuthTokenServlet.java:214)
> [enginesso.jar:]
> at
> org.ovirt.engine.core.sso.servlets.OAuthTokenServlet.service(OAuthTokenServlet.java:72)
> [enginesso.jar:]
> ... 50 more
>
> 2017-06-28 17:17:09,419+02 TRACE [org.ovirt.engine.core.sso.utils.SsoUtils]
> (default task-7) [] Sending json data
> {"error_code":"access_denied","error":"Cannot authenticate user
> Authentication failed.."}
>
>
>
> _______________________________________________
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Reply via email to