From de5a6d0e3ca74e3b1214285ff2d6907328bc288e Mon Sep 17 00:00:00 2001 From: Rohit Yadav Date: Tue, 3 Oct 2017 17:24:35 +0530 Subject: [PATCH] cloudian: fix auth failure cases Signed-off-by: Rohit Yadav --- .../apache/cloudstack/cloudian/CloudianConnectorImpl.java | 6 ++++++ .../apache/cloudstack/cloudian/client/CloudianClient.java | 4 +++- ui/plugins/cloudian/cloudian.js | 6 +++--- 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/plugins/integrations/cloudian/src/org/apache/cloudstack/cloudian/CloudianConnectorImpl.java b/plugins/integrations/cloudian/src/org/apache/cloudstack/cloudian/CloudianConnectorImpl.java index b588b3077a8..bf7ff629661 100644 --- a/plugins/integrations/cloudian/src/org/apache/cloudstack/cloudian/CloudianConnectorImpl.java +++ b/plugins/integrations/cloudian/src/org/apache/cloudstack/cloudian/CloudianConnectorImpl.java @@ -28,6 +28,8 @@ import javax.inject.Inject; import javax.naming.ConfigurationException; import org.apache.cloudstack.acl.RoleType; +import org.apache.cloudstack.api.ApiErrorCode; +import org.apache.cloudstack.api.ServerApiException; import org.apache.cloudstack.cloudian.api.CloudianSsoLoginCmd; import org.apache.cloudstack.cloudian.api.CloudianIsEnabledCmd; import org.apache.cloudstack.cloudian.client.CloudianClient; @@ -195,6 +197,10 @@ public class CloudianConnectorImpl extends ComponentLifecycleBase implements Clo if (caller.getAccountName().equals("admin") && caller.getRoleId() == RoleType.Admin.getId()) { user = CloudianCmcAdminUser.value(); group = "0"; + final CloudianUser adminUser = getClient().listUser(user, group); + if (adminUser == null) { + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to find mapped Cloudian admin user, please fix integration issues."); + } } else { addOrUpdateGroup(domain); addOrUpdateUserAccount(caller, domain); diff --git a/plugins/integrations/cloudian/src/org/apache/cloudstack/cloudian/client/CloudianClient.java b/plugins/integrations/cloudian/src/org/apache/cloudstack/cloudian/client/CloudianClient.java index 9464e6fcd19..cd8a0ac5c98 100644 --- a/plugins/integrations/cloudian/src/org/apache/cloudstack/cloudian/client/CloudianClient.java +++ b/plugins/integrations/cloudian/src/org/apache/cloudstack/cloudian/client/CloudianClient.java @@ -37,6 +37,7 @@ import org.apache.http.HttpHost; import org.apache.http.HttpResponse; import org.apache.http.HttpStatus; import org.apache.http.auth.AuthScope; +import org.apache.http.auth.Credentials; import org.apache.http.auth.UsernamePasswordCredentials; import org.apache.http.client.AuthCache; import org.apache.http.client.CredentialsProvider; @@ -106,7 +107,8 @@ public class CloudianClient { private void checkAuthFailure(final HttpResponse response) { if (response != null && response.getStatusLine().getStatusCode() == HttpStatus.SC_UNAUTHORIZED) { - LOG.error("Cloudian admin API authentication failed, please check Cloudian configuration"); + final Credentials credentials = httpContext.getCredentialsProvider().getCredentials(AuthScope.ANY); + LOG.error("Cloudian admin API authentication failed, please check Cloudian configuration. Admin auth principal=" + credentials.getUserPrincipal() + ", password=" + credentials.getPassword() + ", API url=" + adminApiUrl); } } diff --git a/ui/plugins/cloudian/cloudian.js b/ui/plugins/cloudian/cloudian.js index bbf2e881967..1b8a35ab1e9 100644 --- a/ui/plugins/cloudian/cloudian.js +++ b/ui/plugins/cloudian/cloudian.js @@ -46,7 +46,7 @@ }, show: function() { - var description = 'Cloudian management console should open in another window.'; + var description = 'Cloudian Management Console should open in another window.'; $.ajax({ url: createURL('cloudianSsoLogin'), async: false, @@ -56,10 +56,10 @@ cmcWindow.focus(); }, error: function(data) { - description = 'Single-Sign-On failed for Cloudian management console.'; + description = 'Single-Sign-On failed for Cloudian Management Console. Please ask your administrator to fix integration issues.'; } }); - return $('
').html(description); + return $('
').html(description); } }); };