Re: [ACS41]Only default Root admin is allowed to login Management Server

[Rohit Yadav]

Thanks guys :)

On Fri, Feb 8, 2013 at 11:25 AM, Min Chen <min.c...@citrix.com> wrote:
> We found the right fix for this bug, the root cause is that we have
> multiple beans defined for ApiRateLimitServiceImpl, causing that
> ApiServer.apiAccessCheckers are injected with 3 instances of
> ApiRateLimitServiceImpl. Reverted Rohit's commit, and fixed the bug
> through commit 3ce7531d2b9b1ec0bc4bf2b8935df306f6310d79.
>
> Thanks
> -min
>
> On 2/7/13 10:36 AM, "Alex Huang" <alex.hu...@citrix.com> wrote:
>
>>I disagree.  I don't think the fix is ok.  It works around the problem
>>rather than fixes the root of the problem.  Will only lead to more
>>problems.  Should revert and work on the right fix.
>>
>>--Alex
>>
>>> -----Original Message-----
>>> From: Min Chen [mailto:min.c...@citrix.com]
>>> Sent: Thursday, February 07, 2013 9:21 AM
>>> To: Kishan Kavala; Sudha Ponnaganti
>>> Cc: Sailaja Mada; Abhinandan Prateek; Likitha Shetty; cloudstack-
>>> d...@incubator.apache.org; Kelven Yang
>>> Subject: Re: [ACS41]Only default Root admin is allowed to login
>>>Management
>>> Server
>>>
>>> +Kelven here to comment on how Spring handles @Component injection.
>>>
>>> I have reviewed Rohit's change, it looks ok.  But I think that we need
>>>to solve
>>> the root cause of this issue. ApiRateLimitServiceImpl has been annotated
>>> with @Component, so it should be a singleton. Theoretically, we should
>>>not
>>> need to make _store as static variable in this case.  Let's keep this
>>>bug still
>>> open until we figured out the root cause.
>>>
>>> Thanks
>>> -min
>>>
>>> From: Kishan Kavala
>>> <kishan.kav...@citrix.com<mailto:kishan.kav...@citrix.com>>
>>> Date: Thursday, February 7, 2013 7:53 AM
>>> To: Sudha Ponnaganti
>>> <sudha.ponnaga...@citrix.com<mailto:sudha.ponnaga...@citrix.com>>
>>> Cc: Sailaja Mada
>>><sailaja.m...@citrix.com<mailto:sailaja.m...@citrix.com>>,
>>> Abhinandan Prateek
>>> <abhinandan.prat...@citrix.com<mailto:abhinandan.prat...@citrix.com>>,
>>> Likitha Shetty
>>><likitha.she...@citrix.com<mailto:likitha.she...@citrix.com>>,
>>> "cloudstack-dev@incubator.apache.org<mailto:cloudstack-
>>> d...@incubator.apache.org>" <cloudstack-
>>> d...@incubator.apache.org<mailto:cloudstack-dev@incubator.apache.org>>,
>>> Min Chen <min.c...@citrix.com<mailto:min.c...@citrix.com>>
>>> Subject: Re: [ACS41]Only default Root admin is allowed to login
>>>Management
>>> Server
>>>
>>> Rohit fixed this today.
>>>
>>> Min,
>>>   Can you please review the fix?
>>>
>>> Branch: refs/heads/4.1
>>> Commit: b513448ec2748619cf90fc215336b5065796a5c6
>>> Parents: c693cfb
>>> Author: Rohit Yadav <bhais...@apache.org<mailto:bhais...@apache.org>>
>>> Authored: Thu Feb 7 18:23:05 2013 +0530
>>> Committer: Rohit Yadav
>>> <bhais...@apache.org<mailto:bhais...@apache.org>>
>>> Committed: Thu Feb 7 18:24:35 2013 +0530
>>>
>>> On 07-Feb-2013, at 4:11 PM, "Sudha Ponnaganti"
>>> <sudha.ponnaga...@citrix.com<mailto:sudha.ponnaga...@citrix.com>>
>>> wrote:
>>>
>>> Pl do submit JIRA ticket for tracking
>>>
>>> -----Original Message-----
>>> From: Sailaja Mada [mailto:sailaja.m...@citrix.com]
>>> Sent: Thursday, February 07, 2013 1:48 AM
>>> To: Abhinandan Prateek; Kishan Kavala; Likitha Shetty; cloudstack-
>>> d...@incubator.apache.org<mailto:cloudstack-dev@incubator.apache.org>
>>> Subject: RE: [ACS41]Only default Root admin is allowed to login
>>>Management
>>> Server
>>>
>>> Hi Kishan,
>>>
>>> I am able to access management server with Admin Account users. But  it
>>> failed with users of user account type:
>>>
>>> 2013-02-07 15:16:28,844 DEBUG [cloud.api.ApiServlet] (8200788@qtp-
>>> 30208173-2:null) ===START===  10.252.224.85 -- POST  null
>>> 2013-02-07 15:16:28,847 DEBUG [cloud.user.AccountManagerImpl]
>>> (8200788@qtp-30208173-2:null) Attempting to log in user: user1 in
>>>domain 1
>>> 2013-02-07 15:16:28,847 DEBUG [server.auth.MD5UserAuthenticator]
>>> (8200788@qtp-30208173-2:null) Retrieving user: user1
>>> 2013-02-07 15:16:28,858 DEBUG [cloud.user.AccountManagerImpl]
>>> (8200788@qtp-30208173-2:null) User: user1 in domain 1 has successfully
>>> logged in
>>> 2013-02-07 15:16:28,874 DEBUG [cloud.api.ApiServlet] (8200788@qtp-
>>> 30208173-2:null) ===END===  10.252.224.85 -- POST  null
>>> 2013-02-07 15:16:28,914 DEBUG [cloud.api.ApiServlet] (8200788@qtp-
>>> 30208173-2:null) ===START===  10.252.224.85 -- GET
>>> command=listCapabilities&response=json&sessionkey=vikAvO3ZLzfbhm1O8
>>> hL6IaJhY2Q%3D&_=1360230392794
>>> 2013-02-07 15:16:28,919 ERROR [cloud.api.ApiServer] (8200788@qtp-
>>> 30208173-2:null) unable to verify request signature
>>> 2013-02-07 15:16:28,920 DEBUG [cloud.api.ApiServlet] (8200788@qtp-
>>> 30208173-2:null) ===END===  10.252.224.85 -- GET
>>> command=listCapabilities&response=json&sessionkey=vikAvO3ZLzfbhm1O8
>>> hL6IaJhY2Q%3D&_=1360230392794
>>>
>>> Thanks,
>>> Sailaja.M
>>>
>>> -----Original Message-----
>>> From: Abhinandan Prateek
>>> Sent: Wednesday, February 06, 2013 8:47 PM
>>> To: Sailaja Mada; Kishan Kavala; Likitha Shetty; cloudstack-
>>> d...@incubator.apache.org<mailto:cloudstack-dev@incubator.apache.org>
>>> Subject: Re: [ACS41]Only default Root admin is allowed to login
>>>Management
>>> Server
>>>
>>> The PlainTextUserAuthenticator is redundant now, we should get rid of
>>>that.
>>>
>>> -abhi
>>>
>>> On 06/02/13 2:42 PM, "Sailaja Mada"
>>> <sailaja.m...@citrix.com<mailto:sailaja.m...@citrix.com>> wrote:
>>>
>>> Thanks Kishan. Jira ID is :
>>> https://issues.apache.org/jira/browse/CLOUDSTACK-1175
>>>
>>> Regards,
>>> Sailaja.M
>>>
>>> -----Original Message-----
>>> From: Kishan Kavala
>>> Sent: Wednesday, February 06, 2013 2:23 PM
>>> To: Likitha Shetty; Sailaja Mada; cloudstack-
>>> d...@incubator.apache.org<mailto:cloudstack-dev@incubator.apache.org>
>>> Subject: RE: [ACS41]Only default Root admin is allowed to login
>>> Management Server
>>>
>>> PlainTextUserAuthenticator is being loaded by default and password is
>>> stored in plain text. It should use MD5UserAuthenticator instead.
>>>
>>> Sailaja,
>>> Can you please file a bug? I'll be fixing it shortly.
>>>
>>> ~kishan
>>>
>>> -----Original Message-----
>>> From: Likitha Shetty [mailto:likitha.she...@citrix.com]
>>> Sent: Wednesday, 6 February 2013 12:19 PM
>>> To: Sailaja Mada; cloudstack-dev@incubator.apache.org<mailto:cloudstack-
>>> d...@incubator.apache.org>
>>> Subject: RE: [ACS41]Only default Root admin is allowed to login
>>> Management Server
>>>
>>> I am facing the same issue.
>>>
>>> Thank you,
>>> Likitha
>>>
>>> -----Original Message-----
>>> From: Sailaja Mada [mailto:sailaja.m...@citrix.com]
>>> Sent: Wednesday, February 06, 2013 12:09 PM
>>> To: cloudstack-dev@incubator.apache.org<mailto:cloudstack-
>>> d...@incubator.apache.org>
>>> Subject: [ACS41]Only default Root admin is allowed to login
>>> Management Server
>>>
>>> Hi,
>>>
>>> I have created user/admin accounts under root domain.  I am not able
>>> login with these users. I tried with users under a new domain as well.
>>> =========================================================
>>> ========
>>> ======================
>>> 2013-02-06 12:00:31,671 INFO  [cloud.api.ApiServer]
>>> (11296479@qtp-30212151-
>>> 22:null)  10.144.7.13 -- POST command=login domain=/Failed to
>>> authenticate user newadmin1 in domain 1; please provide valid
>>> credentials
>>> =========================================================
>>> ========
>>> ======================
>>> Only default Root admin is allowed to login Management Server.  Has
>>> any one observed the same issue?
>>>
>>> Thanks and Regards,
>>> Sailaja.M
>>
>