Date   

Re: Getting 401 for newly created users using aaa-cli-jar

Ryan Goulding <ryandgoulding@...>
 

Have you created a grant for the user?  Otherwise, it should return 401…


On Jul 17, 2018, at 12:37 PM, Naveen Kumar Verma <naveen.kumar.verma@...> wrote:

Hi all, 
 
I am trying to create users using aaa-cli-jar, the users are getting created but I am getting 401 when I try to use that user.
 
Did anything changed recently?
 
Any idea what I am doing wrong:
 
# ~/odl_repo/integration-distribution/karaf/target/assembly/data (master)
$ java -jar ~/Downloads/aaa-cli-jar-0.5.0-20170522.110416-143.jar -dbd . -l
[main] INFO org.opendaylight.aaa.api.StoreBuilder - Checking if default entries must be created in IDM store
[main] INFO org.opendaylight.aaa.api.StoreBuilder - Found default domain in IDM store, skipping insertion of default data
User names:
admin
 
# ~/odl_repo/integration-distribution/karaf/target/assembly/data (master)
$ java -jar ~/Downloads/aaa-cli-jar-0.5.0-20170522.110416-143.jar -dbd . --nu naveen -a -p naveen
[main] INFO org.opendaylight.aaa.api.StoreBuilder - Checking if default entries must be created in IDM store
[main] INFO org.opendaylight.aaa.api.StoreBuilder - Found default domain in IDM store, skipping insertion of default data
New user created, as admin: naveen
 
# ~/odl_repo/integration-distribution/karaf/target/assembly/data (master)
$ java -jar ~/Downloads/aaa-cli-jar-0.5.0-20170522.110416-143.jar -dbd . -l
[main] INFO org.opendaylight.aaa.api.StoreBuilder - Checking if default entries must be created in IDM store
[main] INFO org.opendaylight.aaa.api.StoreBuilder - Found default domain in IDM store, skipping insertion of default data
User names:
admin
naveen
 
# ~/odl_repo/integration-distribution/karaf/target/assembly/data (master)
 
# ~
$ curl -u naveen:naveen  -v -H 'Content-type: application/json' -X GET http://localhost:8181/auth/v1/users | python -mjson.tool
Note: Unnecessary use of -X or --request, GET is already inferred.
* timeout on name lookup is not supported
*   Trying ::1...
* TCP_NODELAY set
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* Connected to localhost (::1) port 8181 (#0)
* Server auth using Basic with user 'naveen'
> GET /auth/v1/users HTTP/1.1
> Host: localhost:8181
> Authorization: Basic bmF2ZWVuOm5hdmVlbg==
> User-Agent: curl/7.51.0
> Accept: */*
> Content-type: application/json
< HTTP/1.1 401 Unauthorized
< Set-Cookie: rememberMe=deleteMe; Path=/; Max-Age=0; Expires=Mon, 16-Jul-2018 16:29:04 GMT
* Authentication problem. Ignoring this.
< WWW-Authenticate: BASIC realm="application"
< Content-Length: 0
* Curl_http_done: called premature == 0
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
* Connection #0 to host localhost left intact
Expecting value: line 1 column 1 (char 0)
 
# ~
 
 
 
Thanks,
Naveen
 
 
 
 
_______________________________________________
aaa-dev mailing list
aaa-dev@...
https://lists.opendaylight.org/mailman/listinfo/aaa-dev


Getting 401 for newly created users using aaa-cli-jar

Naveen Kumar Verma
 

Hi all,

 

I am trying to create users using aaa-cli-jar, the users are getting created but I am getting 401 when I try to use that user.

 

Did anything changed recently?

 

Any idea what I am doing wrong:

 

# ~/odl_repo/integration-distribution/karaf/target/assembly/data (master)

$ java -jar ~/Downloads/aaa-cli-jar-0.5.0-20170522.110416-143.jar -dbd . -l

[main] INFO org.opendaylight.aaa.api.StoreBuilder - Checking if default entries must be created in IDM store

[main] INFO org.opendaylight.aaa.api.StoreBuilder - Found default domain in IDM store, skipping insertion of default data

User names:

admin

 

# ~/odl_repo/integration-distribution/karaf/target/assembly/data (master)

$ java -jar ~/Downloads/aaa-cli-jar-0.5.0-20170522.110416-143.jar -dbd . --nu naveen -a -p naveen

[main] INFO org.opendaylight.aaa.api.StoreBuilder - Checking if default entries must be created in IDM store

[main] INFO org.opendaylight.aaa.api.StoreBuilder - Found default domain in IDM store, skipping insertion of default data

New user created, as admin: naveen

 

# ~/odl_repo/integration-distribution/karaf/target/assembly/data (master)

$ java -jar ~/Downloads/aaa-cli-jar-0.5.0-20170522.110416-143.jar -dbd . -l

[main] INFO org.opendaylight.aaa.api.StoreBuilder - Checking if default entries must be created in IDM store

[main] INFO org.opendaylight.aaa.api.StoreBuilder - Found default domain in IDM store, skipping insertion of default data

User names:

admin

naveen

 

# ~/odl_repo/integration-distribution/karaf/target/assembly/data (master)

 

# ~

$ curl -u naveen:naveen  -v -H 'Content-type: application/json' -X GET http://localhost:8181/auth/v1/users | python -mjson.tool

Note: Unnecessary use of -X or --request, GET is already inferred.

* timeout on name lookup is not supported

*   Trying ::1...

* TCP_NODELAY set

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* Connected to localhost (::1) port 8181 (#0)

* Server auth using Basic with user 'naveen'

> GET /auth/v1/users HTTP/1.1

> Host: localhost:8181

> Authorization: Basic bmF2ZWVuOm5hdmVlbg==

> User-Agent: curl/7.51.0

> Accept: */*

> Content-type: application/json

< HTTP/1.1 401 Unauthorized

< Set-Cookie: rememberMe=deleteMe; Path=/; Max-Age=0; Expires=Mon, 16-Jul-2018 16:29:04 GMT

* Authentication problem. Ignoring this.

< WWW-Authenticate: BASIC realm="application"

< Content-Length: 0

* Curl_http_done: called premature == 0

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0

* Connection #0 to host localhost left intact

Expecting value: line 1 column 1 (char 0)

 

# ~

 

 

 

Thanks,

Naveen

 

 

 

 


Re: [release] Autorelease oxygen failed to build aaa-shiro from aaa

Tom Pantelis
 

On Sat, Jul 14, 2018 at 8:43 PM, Jenkins <jenkins-dontreply@...> wrote:
Attention aaa-devs,

Autorelease oxygen failed to build aaa-shiro from aaa in build
353. Attached is a snippet of the error message related to the
failure that we were able to automatically parse as well as console logs.


Console Logs:
https://logs.opendaylight.org/releng/vex-yul-odl-jenkins-1/autorelease-release-oxygen/353

Jenkins Build:
https://jenkins.opendaylight.org/releng/job/autorelease-release-oxygen/353/

Please review and provide an ETA on when a fix will be available.

Thanks,
ODL releng/autorelease team


_______________________________________________
release mailing list
release@...
https://lists.opendaylight.org/mailman/listinfo/release



[release] Autorelease oxygen failed to build aaa-shiro from aaa

Jenkins <jenkins-dontreply@...>
 

Attention aaa-devs,

Autorelease oxygen failed to build aaa-shiro from aaa in build
353. Attached is a snippet of the error message related to the
failure that we were able to automatically parse as well as console logs.


Console Logs:
https://logs.opendaylight.org/releng/vex-yul-odl-jenkins-1/autorelease-release-oxygen/353

Jenkins Build:
https://jenkins.opendaylight.org/releng/job/autorelease-release-oxygen/353/

Please review and provide an ETA on when a fix will be available.

Thanks,
ODL releng/autorelease team


Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT

Tom Pantelis
 



On Sun, Jul 8, 2018 at 4:33 AM, Ariel Adam <aadam@...> wrote:
Ryan, can you take a look?

Thanks. 

On Fri, Jul 6, 2018 at 6:29 AM, Tom Pantelis <tompantelis@...> wrote:


On Thu, Jul 5, 2018 at 6:29 PM, Jamo Luhrsen <jluhrsen@...> wrote:
Here is a jira to track this one:

 https://jira.opendaylight.org/browse/CONTROLLER-1850


This is really a AAA issue so moved to https://jira.opendaylight.org/browse/AAA-176

I have an idea for this - will push patch soon. 
 
 



JamO

On 07/03/2018 07:16 PM, Tom Pantelis wrote:


On Tue, Jul 3, 2018 at 9:39 PM, Vishal Thapar <vthapar@... <mailto:vthapar@...>> wrote:



    On Wed, Jul 4, 2018 at 1:01 AM, Michael Vorburger <vorburger@... <mailto:vorburger@...>> wrote:

        On Tue, Jul 3, 2018 at 7:21 AM, Faseela K <faseela.k@... <mailto:faseela.k@...>>wrote:

            Tom,____

                I couldn’t follow your response below completely.____

                 But, the URL whatever I am using in CSIT works most of the times, and only in some random cases it
            throws the shiro error.____

                When I updated the CSIT to retry on failure, it works on subsequent retries.____

                 Below is the exception stack trace :


        I don't know the details of what this CSIT wants from
        /jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards,
        but I don't suppose it could (now) be replaced with GET /diagstatus from
        https://jira.opendaylight.org/browse/GENIUS-138 <https://jira.opendaylight.org/browse/GENIUS-138> ?  That
        requires no authentication, so it would never suffer from this particular problem. Just a thought.


    ​It gives information about which node is leader and which is follower for a given shard while diagstatus only gives
    information about if all services are up or not. It is used in monitoring tool of ODLTools.

    https://github.com/opendaylight/odltools/blob/master/odltools/monitor/monitor_odl_cluster.py#L170
    <https://github.com/opendaylight/odltools/blob/master/odltools/monitor/monitor_odl_cluster.py#L170>

    Unless every bit of information we get from jolokia can be provided through an alternate rest call, this needs to be
    addressed.

            ____




The exception emanates from shiro code so that would be the place to start. Anyone have cycles now to try to look into this?


_______________________________________________
aaa-dev mailing list
aaa-dev@...
https://lists.opendaylight.org/mailman/listinfo/aaa-dev



_______________________________________________
netvirt-dev mailing list
netvirt-dev@....org
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev




Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT

Ariel Adam <aadam@...>
 

Ryan, can you take a look?

Thanks. 

On Fri, Jul 6, 2018 at 6:29 AM, Tom Pantelis <tompantelis@...> wrote:


On Thu, Jul 5, 2018 at 6:29 PM, Jamo Luhrsen <jluhrsen@...> wrote:
Here is a jira to track this one:

 https://jira.opendaylight.org/browse/CONTROLLER-1850


This is really a AAA issue so moved to https://jira.opendaylight.org/browse/AAA-176
 



JamO

On 07/03/2018 07:16 PM, Tom Pantelis wrote:


On Tue, Jul 3, 2018 at 9:39 PM, Vishal Thapar <vthapar@... <mailto:vthapar@...>> wrote:



    On Wed, Jul 4, 2018 at 1:01 AM, Michael Vorburger <vorburger@... <mailto:vorburger@...>> wrote:

        On Tue, Jul 3, 2018 at 7:21 AM, Faseela K <faseela.k@... <mailto:faseela.k@...>>wrote:

            Tom,____

                I couldn’t follow your response below completely.____

                 But, the URL whatever I am using in CSIT works most of the times, and only in some random cases it
            throws the shiro error.____

                When I updated the CSIT to retry on failure, it works on subsequent retries.____

                 Below is the exception stack trace :


        I don't know the details of what this CSIT wants from
        /jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards,
        but I don't suppose it could (now) be replaced with GET /diagstatus from
        https://jira.opendaylight.org/browse/GENIUS-138 <https://jira.opendaylight.org/browse/GENIUS-138> ?  That
        requires no authentication, so it would never suffer from this particular problem. Just a thought.


    ​It gives information about which node is leader and which is follower for a given shard while diagstatus only gives
    information about if all services are up or not. It is used in monitoring tool of ODLTools.

    https://github.com/opendaylight/odltools/blob/master/odltools/monitor/monitor_odl_cluster.py#L170
    <https://github.com/opendaylight/odltools/blob/master/odltools/monitor/monitor_odl_cluster.py#L170>

    Unless every bit of information we get from jolokia can be provided through an alternate rest call, this needs to be
    addressed.

            ____




The exception emanates from shiro code so that would be the place to start. Anyone have cycles now to try to look into this?


_______________________________________________
aaa-dev mailing list
aaa-dev@...
https://lists.opendaylight.org/mailman/listinfo/aaa-dev



_______________________________________________
netvirt-dev mailing list
netvirt-dev@lists.opendaylight.org
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev



Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT

Tom Pantelis
 



On Thu, Jul 5, 2018 at 6:29 PM, Jamo Luhrsen <jluhrsen@...> wrote:
Here is a jira to track this one:

 https://jira.opendaylight.org/browse/CONTROLLER-1850


This is really a AAA issue so moved to https://jira.opendaylight.org/browse/AAA-176
 



JamO

On 07/03/2018 07:16 PM, Tom Pantelis wrote:


On Tue, Jul 3, 2018 at 9:39 PM, Vishal Thapar <vthapar@... <mailto:vthapar@...>> wrote:



    On Wed, Jul 4, 2018 at 1:01 AM, Michael Vorburger <vorburger@... <mailto:vorburger@...>> wrote:

        On Tue, Jul 3, 2018 at 7:21 AM, Faseela K <faseela.k@... <mailto:faseela.k@...>>wrote:

            Tom,____

                I couldn’t follow your response below completely.____

                 But, the URL whatever I am using in CSIT works most of the times, and only in some random cases it
            throws the shiro error.____

                When I updated the CSIT to retry on failure, it works on subsequent retries.____

                 Below is the exception stack trace :


        I don't know the details of what this CSIT wants from
        /jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards,
        but I don't suppose it could (now) be replaced with GET /diagstatus from
        https://jira.opendaylight.org/browse/GENIUS-138 <https://jira.opendaylight.org/browse/GENIUS-138> ?  That
        requires no authentication, so it would never suffer from this particular problem. Just a thought.


    ​It gives information about which node is leader and which is follower for a given shard while diagstatus only gives
    information about if all services are up or not. It is used in monitoring tool of ODLTools.

    https://github.com/opendaylight/odltools/blob/master/odltools/monitor/monitor_odl_cluster.py#L170
    <https://github.com/opendaylight/odltools/blob/master/odltools/monitor/monitor_odl_cluster.py#L170>

    Unless every bit of information we get from jolokia can be provided through an alternate rest call, this needs to be
    addressed.

            ____




The exception emanates from shiro code so that would be the place to start. Anyone have cycles now to try to look into this?


_______________________________________________
aaa-dev mailing list
aaa-dev@...
https://lists.opendaylight.org/mailman/listinfo/aaa-dev



Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT

Jamo Luhrsen <jluhrsen@...>
 

Here is a jira to track this one:

https://jira.opendaylight.org/browse/CONTROLLER-1850


JamO

On 07/03/2018 07:16 PM, Tom Pantelis wrote:
On Tue, Jul 3, 2018 at 9:39 PM, Vishal Thapar <vthapar@redhat.com <mailto:vthapar@redhat.com>> wrote:
On Wed, Jul 4, 2018 at 1:01 AM, Michael Vorburger <vorburger@redhat.com <mailto:vorburger@redhat.com>> wrote:
On Tue, Jul 3, 2018 at 7:21 AM, Faseela K <faseela.k@ericsson.com <mailto:faseela.k@ericsson.com>>wrote:
Tom,____
   I couldn’t follow your response below completely.____
    But, the URL whatever I am using in CSIT works most of the times, and only in some random cases it
throws the shiro error.____
   When I updated the CSIT to retry on failure, it works on subsequent retries.____
    Below is the exception stack trace :
I don't know the details of what this CSIT wants from
/jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards,
but I don't suppose it could (now) be replaced with GET /diagstatus from
https://jira.opendaylight.org/browse/GENIUS-138 <https://jira.opendaylight.org/browse/GENIUS-138> ?  That
requires no authentication, so it would never suffer from this particular problem. Just a thought.
​It gives information about which node is leader and which is follower for a given shard while diagstatus only gives
information about if all services are up or not. It is used in monitoring tool of ODLTools.
https://github.com/opendaylight/odltools/blob/master/odltools/monitor/monitor_odl_cluster.py#L170
<https://github.com/opendaylight/odltools/blob/master/odltools/monitor/monitor_odl_cluster.py#L170>
Unless every bit of information we get from jolokia can be provided through an alternate rest call, this needs to be
addressed.
____
The exception emanates from shiro code so that would be the place to start. Anyone have cycles now to try to look into this?
_______________________________________________
aaa-dev mailing list
aaa-dev@lists.opendaylight.org
https://lists.opendaylight.org/mailman/listinfo/aaa-dev


Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT

Tom Pantelis
 



On Tue, Jul 3, 2018 at 9:39 PM, Vishal Thapar <vthapar@...> wrote:


On Wed, Jul 4, 2018 at 1:01 AM, Michael Vorburger <vorburger@...> wrote:
On Tue, Jul 3, 2018 at 7:21 AM, Faseela K <faseela.k@...> wrote:

Tom,

   I couldn’t follow your response below completely.

    But, the URL whatever I am using in CSIT works most of the times, and only in some random cases it throws the shiro error.

   When I updated the CSIT to retry on failure, it works on subsequent retries.

    Below is the exception stack trace :


I don't know the details of what this CSIT wants from /jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards, but I don't suppose it could (now) be replaced with GET /diagstatus from https://jira.opendaylight.org/browse/GENIUS-138 ?  That requires no authentication, so it would never suffer from this particular problem. Just a thought.


​It gives information about which node is leader and which is follower for a given shard while diagstatus only gives information about if all services are up or not. It is used in monitoring tool of ODLTools.


Unless every bit of information we get from jolokia can be provided through an alternate rest call, this needs to be addressed.




The exception emanates from shiro code so that would be the place to start. Anyone have cycles now to try to look into this?


Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT

Vishal Thapar <vthapar@...>
 



On Wed, Jul 4, 2018 at 1:01 AM, Michael Vorburger <vorburger@...> wrote:
On Tue, Jul 3, 2018 at 7:21 AM, Faseela K <faseela.k@...> wrote:

Tom,

   I couldn’t follow your response below completely.

    But, the URL whatever I am using in CSIT works most of the times, and only in some random cases it throws the shiro error.

   When I updated the CSIT to retry on failure, it works on subsequent retries.

    Below is the exception stack trace :


I don't know the details of what this CSIT wants from /jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards, but I don't suppose it could (now) be replaced with GET /diagstatus from https://jira.opendaylight.org/browse/GENIUS-138 ?  That requires no authentication, so it would never suffer from this particular problem. Just a thought.


​It gives information about which node is leader and which is follower for a given shard while diagstatus only gives information about if all services are up or not. It is used in monitoring tool of ODLTools.


Unless every bit of information we get from jolokia can be provided through an alternate rest call, this needs to be addressed.


   2018-07-02T02:47:54,463 | INFO  | org.ops4j.pax.web.service.jetty.internal.LateInvalidatingHashSessionManager@38d77047Timer | LateInvalidatingHashSessionManager | 438 - org.ops4j.pax.web.pax-web-jetty - 6.0.9 | Timing out for 1 session(s) with id 3u5gk3qqbpby1c13f3hpivnge

2018-07-02T02:47:54,470 | INFO  | org.ops4j.pax.web.service.jetty.internal.LateInvalidatingHashSessionManager@19c0aeb1Timer | LateInvalidatingHashSessionManager | 438 - org.ops4j.pax.web.pax-web-jetty - 6.0.9 | Timing out for 1 session(s) with id yev7cqw2kyjsy6978sf1nmrl

2018-07-02T02:48:05,934 | WARN  | qtp1371496041-116 | HttpChannel                      | 156 - org.eclipse.jetty.util - 9.3.21.v20170918 | //10.30.170.46:8181/jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards

org.apache.shiro.session.UnknownSessionException: There is no session with id [bf682403-082b-4520-993f-987a8804bd31]

        at org.apache.shiro.session.mgt.eis.AbstractSessionDAO.readSession(AbstractSessionDAO.java:170) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSessionFromDataSource(DefaultSessionManager.java:236) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSession(DefaultSessionManager.java:222) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.AbstractValidatingSessionManager.doGetSession(AbstractValidatingSessionManager.java:118) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupSession(AbstractNativeSessionManager.java:148) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupRequiredSession(AbstractNativeSessionManager.java:152) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.AbstractNativeSessionManager.getHost(AbstractNativeSessionManager.java:237) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.DelegatingSession.getHost(DelegatingSession.java:111) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.ProxiedSession.getHost(ProxiedSession.java:93) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.ProxiedSession.getHost(ProxiedSession.java:93) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.subject.support.DefaultSubjectContext.resolveHost(DefaultSubjectContext.java:270) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.mgt.DefaultSubjectFactory.createSubject(DefaultSubjectFactory.java:45) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.mgt.DefaultSecurityManager.doCreateSubject(DefaultSecurityManager.java:369) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:344) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:183) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:283) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) [134:org.apache.shiro.core:1.3.2]

        at org.opendaylight.aaa.authenticator.ODLAuthenticator.authenticate(ODLAuthenticator.java:42) [198:org.opendaylight.aaa.shiro:0.8.0.SNAPSHOT]

        at Proxyb44c2d91_1f07_4b19_be55_2f3cb0209c21.authenticate(Unknown Source) [?:?]

        at org.jolokia.osgi.security.ServiceAuthenticationHttpContext.handleSecurity(ServiceAuthenticationHttpContext.java:72) [189:org.jolokia.osgi:1.5.0]

        at org.ops4j.pax.web.service.internal.WebContainerContextWrapper.handleSecurity(WebContainerContextWrapper.java:46) [440:org.ops4j.pax.web.pax-web-runtime:6.0.9]

        at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:69) [438:org.ops4j.pax.web.pax-web-jetty:6.0.9]

        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) [151:org.eclipse.jetty.security:9.3.21.v20170918]

        at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:284) [438:org.ops4j.pax.web.pax-web-jetty:6.0.9]

        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512) [154:org.eclipse.jetty.servlet:9.3.21.v20170918]

        at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:80) [438:org.ops4j.pax.web.pax-web-jetty:6.0.9]

        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.server.Server.handle(Server.java:534) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:333) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283) [145:org.eclipse.jetty.io:9.3.21.v20170918]

        at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:108) [145:org.eclipse.jetty.io:9.3.21.v20170918]

        at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93) [145:org.eclipse.jetty.io:9.3.21.v20170918]

        at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303) [156:org.eclipse.jetty.util:9.3.21.v20170918]

        at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148) [156:org.eclipse.jetty.util:9.3.21.v20170918]

        at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136) [156:org.eclipse.jetty.util:9.3.21.v20170918]

        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671) [156:org.eclipse.jetty.util:9.3.21.v20170918]

        at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589) [156:org.eclipse.jetty.util:9.3.21.v20170918]

        at java.lang.Thread.run(Thread.java:748) [?:?]

 

   

Thanks,

Faseela

 

From: Tom Pantelis [mailto:tompantelis@...]
Sent: Monday, July 02, 2018 10:29 PM
To: Sam Hague <shague@...>
Cc: Vishal Thapar <vthapar@...>; odl netvirt dev <netvirt-dev@...t.org>; aaa-dev@...; Faseela K <faseela.k@...>
Subject: Re: [Aaa-dev] [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT

 

jolokia has a different security code path than restconf that interfaces with shiro. It starts with:

 

....

at org.apache.shiro.subject.support.DefaultSubjectContext.resolveHost(DefaultSubjectContext.java:270) [130:org.apache.shiro.core:1.3.2]

            at org.apache.shiro.mgt.DefaultSubjectFactory.createSubject(DefaultSubjectFactory.java:45) [130:org.apache.shiro.core:1.3.2]

            at org.apache.shiro.mgt.DefaultSecurityManager.doCreateSubject(DefaultSecurityManager.java:369) [130:org.apache.shiro.core:1.3.2]

            at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:344) [130:org.apache.shiro.core:1.3.2]

            at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:183) [130:org.apache.shiro.core:1.3.2]

            at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:283) [130:org.apache.shiro.core:1.3.2]

            at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) [130:org.apache.shiro.core:1.3.2]

            at org.opendaylight.aaa.authenticator.ODLAuthenticator.authenticate(ODLAuthenticator.java:42) [188:org.opendaylight.aaa.shiro:0.8.0.SNAPSHOT]

            at Proxy02007817_e19a_4a1a_8178_e2f238fd17a0.authenticate(Unknown Source) [?:?]

            at org.jolokia.osgi.security.ServiceAuthenticationHttpContext.handleSecurity(ServiceAuthenticationHttpContext.java:72) [179:org.jolokia.osgi:1.5.0]

            at org.ops4j.pax.web.service.internal.WebContainerContextWrapper.handleSecurity(WebContainerContextWrapper.java:46) [312:org.ops4j.pax.web.pax-web-runtime:6.0.9]

            at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:69) [310:org.ops4j.pax.web.pax-web-jetty:6.0.9]

 

 

On Mon, Jul 2, 2018 at 12:44 PM, Sam Hague <shague@...> wrote:

Could this be related to the clustering bugs Vic and Jamo are following like [1] that deal with 500 responses?

 

 

On Mon, Jul 2, 2018 at 2:27 AM Vishal Thapar <vthapar@...> wrote:

I've seen this in my local testing during bringup or during ownership change. Sometimes it persists even post ownership change.

 

On Mon, Jul 2, 2018 at 11:24 AM, Faseela K <faseela.k@...> wrote:

Hello aaa-dev,

   I am trying to dump some of the MDSAL exposed MBeans with jolokia over HTTP , while am experimenting with some of the 3 node netvirt CSIT activities [0].

   The HTTP requests work most of the cases, but sometimes hit the below error randomly?

   Any pointers?

 

  <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/> <title>Error 500 </title> </head> <body> <h2>HTTP ERROR: 500</h2> <p>Problem accessing /jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards. Reason: <pre> org.apache.shiro.session.UnknownSessionException: There is no session with id [4050ca12-d12d-4965-8204-d3c11cb16e1b]</pre></p> <hr /> </body> </html>

 

 

Thanks,

Faseela

 

[0] https://logs.opendaylight.org/sandbox/vex-yul-odl-jenkins-2/faseelanetvirt-csit-3node-openstack-queens-upstream-stateful-fluorine/1/robot-plugin/log_full.html.gz

 


_______________________________________________
netvirt-dev mailing list
netvirt-dev@....org
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev

 

_______________________________________________
netvirt-dev mailing list
netvirt-dev@....org
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev


_______________________________________________
aaa-dev mailing list
aaa-dev@...
https://lists.opendaylight.org/mailman/listinfo/aaa-dev

 


_______________________________________________
netvirt-dev mailing list
netvirt-dev@....org
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev



_______________________________________________
netvirt-dev mailing list
netvirt-dev@lists.opendaylight.org
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev



Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT

Faseela K <faseela.k@...>
 

Michael,

The shard list is being dumped to make sure our single shard configuration is proper at different places of the CSIT. Not to check if cluster is ready.

Thanks,
Faseela

-----Original Message-----
From: Jamo Luhrsen [mailto:jluhrsen@gmail.com]
Sent: Wednesday, July 04, 2018 3:31 AM
To: Michael Vorburger <vorburger@redhat.com>; Faseela K <faseela.k@ericsson.com>
Cc: Sam Hague <shague@redhat.com>; aaa-dev@lists.opendaylight.org; odl netvirt dev <netvirt-dev@lists.opendaylight.org>
Subject: Re: [Aaa-dev] [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT



On 07/03/2018 12:31 PM, Michael Vorburger wrote:
On Tue, Jul 3, 2018 at 7:21 AM, Faseela K <faseela.k@ericsson.com <mailto:faseela.k@ericsson.com>>wrote:

Tom,____

   I couldn’t follow your response below completely.____

    But, the URL whatever I am using in CSIT works most of the times, and only in some random cases it throws the
shiro error.____

   When I updated the CSIT to retry on failure, it works on
subsequent retries.____

    Below is the exception stack trace :


I don't know the details of what this CSIT wants from
/jolokia/read/org.opendaylight.controller:type=DistributedOperationalD
atastore,Category=ShardManager,name=shard-manager-operational/LocalSha
rds, but I don't suppose it could (now) be replaced with GET
/diagstatus from https://jira.opendaylight.org/browse/GENIUS-138
?  That requires no authentication, so it would never suffer from this particular problem. Just a thought.
even if that is a better thing for CSIT to do, it would just be a workaround to whatever problem is really there.

JamO
____


2018-07-02T02:47:54,463 | INFO  |
org.ops4j.pax.web.service.jetty.internal.LateInvalidatingHashSessionManager@38d77047Timer |
LateInvalidatingHashSessionManager | 438 - org.ops4j.pax.web.pax-web-jetty - 6.0.9 | Timing out for 1 session(s)
with id 3u5gk3qqbpby1c13f3hpivnge____

2018-07-02T02:47:54,470 | INFO  |
org.ops4j.pax.web.service.jetty.internal.LateInvalidatingHashSessionManager@19c0aeb1Timer |
LateInvalidatingHashSessionManager | 438 - org.ops4j.pax.web.pax-web-jetty - 6.0.9 | Timing out for 1 session(s)
with id yev7cqw2kyjsy6978sf1nmrl____

2018-07-02T02:48:05,934 | WARN  | qtp1371496041-116 | HttpChannel    | 156 - org.eclipse.jetty.util -
9.3.21.v20170918 |
//10.30.170.46:8181/jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards

<http://10.30.170.46:8181/jolokia/read/org.opendaylight.controller:typ
e=DistributedOperationalDatastore,Category=ShardManager,name=shard-man
ager-operational/LocalShards>____

org.apache.shiro.session.UnknownSessionException: There is no
session with id [bf682403-082b-4520-993f-987a8804bd31]____

        at org.apache.shiro.session.mgt.eis.AbstractSessionDAO.readSession(AbstractSessionDAO.java:170)
[134:org.apache.shiro.core:1.3.2]____

        at
org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSessionFromDataSource(DefaultSessionManager.java:236)
[134:org.apache.shiro.core:1.3.2]____

        at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSession(DefaultSessionManager.java:222)
[134:org.apache.shiro.core:1.3.2]____

        at

org.apache.shiro.session.mgt.AbstractValidatingSessionManager.doGetSes
sion(AbstractValidatingSessionManager.java:118)
[134:org.apache.shiro.core:1.3.2]____

        at
org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupSession(AbstractNativeSessionManager.java:148)
[134:org.apache.shiro.core:1.3.2]____

        at
org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupRequiredSession(AbstractNativeSessionManager.java:152)
[134:org.apache.shiro.core:1.3.2]____

        at org.apache.shiro.session.mgt.AbstractNativeSessionManager.getHost(AbstractNativeSessionManager.java:237)
[134:org.apache.shiro.core:1.3.2]____

        at org.apache.shiro.session.mgt.DelegatingSession.getHost(DelegatingSession.java:111)
[134:org.apache.shiro.core:1.3.2]____

        at org.apache.shiro.session.ProxiedSession.getHost(ProxiedSession.java:93)
[134:org.apache.shiro.core:1.3.2]____

        at org.apache.shiro.session.ProxiedSession.getHost(ProxiedSession.java:93)
[134:org.apache.shiro.core:1.3.2]____

        at org.apache.shiro.subject.support.DefaultSubjectContext.resolveHost(DefaultSubjectContext.java:270)
[134:org.apache.shiro.core:1.3.2]____

        at org.apache.shiro.mgt.DefaultSubjectFactory.createSubject(DefaultSubjectFactory.java:45)
[134:org.apache.shiro.core:1.3.2]____

        at org.apache.shiro.mgt.DefaultSecurityManager.doCreateSubject(DefaultSecurityManager.java:369)
[134:org.apache.shiro.core:1.3.2]____

        at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:344)
[134:org.apache.shiro.core:1.3.2]____

        at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:183)
[134:org.apache.shiro.core:1.3.2]____

        at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:283)
[134:org.apache.shiro.core:1.3.2]____

        at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
[134:org.apache.shiro.core:1.3.2]____

        at org.opendaylight.aaa.authenticator.ODLAuthenticator.authenticate(ODLAuthenticator.java:42)
[198:org.opendaylight.aaa.shiro:0.8.0.SNAPSHOT]____

        at
Proxyb44c2d91_1f07_4b19_be55_2f3cb0209c21.authenticate(Unknown Source)
[?:?]____

        at
org.jolokia.osgi.security.ServiceAuthenticationHttpContext.handleSecurity(ServiceAuthenticationHttpContext.java:72)
[189:org.jolokia.osgi:1.5.0]____

        at
org.ops4j.pax.web.service.internal.WebContainerContextWrapper.handleSecurity(WebContainerContextWrapper.java:46)
[440:org.ops4j.pax.web.pax-web-runtime:6.0.9]____

        at
org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:69)
[438:org.ops4j.pax.web.pax-web-jetty:6.0.9]____

        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____

        at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
[151:org.eclipse.jetty.security:9.3.21.v20170918]____

        at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____

        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____

        at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:284)
[438:org.ops4j.pax.web.pax-web-jetty:6.0.9]____

        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512)
[154:org.eclipse.jetty.servlet:9.3.21.v20170918]____

        at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____

        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____

        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____

        at
org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:80)
[438:org.ops4j.pax.web.pax-web-jetty:6.0.9]____

        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____

        at
org.eclipse.jetty.server.Server.handle(Server.java:534)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____

        at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:333)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____

        at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____

        at org.eclipse.jetty.io
<http://org.eclipse.jetty.io>.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283)
[145:org.eclipse.jetty.io:9.3.21.v20170918]____

        at org.eclipse.jetty.io <http://org.eclipse.jetty.io>.FillInterest.fillable(FillInterest.java:108)
[145:org.eclipse.jetty.io:9.3.21.v20170918]____

        at org.eclipse.jetty.io
<http://org.eclipse.jetty.io>.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
[145:org.eclipse.jetty.io:9.3.21.v20170918]____

        at
org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
[156:org.eclipse.jetty.util:9.3.21.v20170918]____

        at
org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
[156:org.eclipse.jetty.util:9.3.21.v20170918]____

        at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
[156:org.eclipse.jetty.util:9.3.21.v20170918]____

        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
[156:org.eclipse.jetty.util:9.3.21.v20170918]____

        at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
[156:org.eclipse.jetty.util:9.3.21.v20170918]____

        at java.lang.Thread.run(Thread.java:748) [?:?]____

__ __

____

Thanks,____

Faseela____

__ __

*From:*Tom Pantelis [mailto:tompantelis@gmail.com <mailto:tompantelis@gmail.com>]
*Sent:* Monday, July 02, 2018 10:29 PM
*To:* Sam Hague <shague@redhat.com <mailto:shague@redhat.com>>
*Cc:* Vishal Thapar <vthapar@redhat.com <mailto:vthapar@redhat.com>>; odl netvirt dev
<netvirt-dev@lists.opendaylight.org <mailto:netvirt-dev@lists.opendaylight.org>>; aaa-dev@lists.opendaylight.org
<mailto:aaa-dev@lists.opendaylight.org>; Faseela K <faseela.k@ericsson.com <mailto:faseela.k@ericsson.com>>
*Subject:* Re: [Aaa-dev] [netvirt-dev] Random errors while
fetching JOLOKIA URLs in 3 node CSIT____

__ __

jolokia has a different security code path than restconf that
interfaces with shiro. It starts with:____

__ __

....____

at org.apache.shiro.subject.support.DefaultSubjectContext.resolveHost(DefaultSubjectContext.java:270)
[130:org.apache.shiro.core:1.3.2]____

            at org.apache.shiro.mgt.DefaultSubjectFactory.createSubject(DefaultSubjectFactory.java:45)
[130:org.apache.shiro.core:1.3.2]____

            at org.apache.shiro.mgt.DefaultSecurityManager.doCreateSubject(DefaultSecurityManager.java:369)
[130:org.apache.shiro.core:1.3.2]____

            at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:344)
[130:org.apache.shiro.core:1.3.2]____

            at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:183)
[130:org.apache.shiro.core:1.3.2]____

            at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:283)
[130:org.apache.shiro.core:1.3.2]____

            at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
[130:org.apache.shiro.core:1.3.2]____

            at org.opendaylight.aaa.authenticator.ODLAuthenticator.authenticate(ODLAuthenticator.java:42)
[188:org.opendaylight.aaa.shiro:0.8.0.SNAPSHOT]____

            at
Proxy02007817_e19a_4a1a_8178_e2f238fd17a0.authenticate(Unknown Source)
[?:?]____

            at
org.jolokia.osgi.security.ServiceAuthenticationHttpContext.handleSecurity(ServiceAuthenticationHttpContext.java:72)
[179:org.jolokia.osgi:1.5.0]____

            at
org.ops4j.pax.web.service.internal.WebContainerContextWrapper.handleSecurity(WebContainerContextWrapper.java:46)
[312:org.ops4j.pax.web.pax-web-runtime:6.0.9]____

            at
org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:69)
[310:org.ops4j.pax.web.pax-web-jetty:6.0.9]____

__ __

__ __

On Mon, Jul 2, 2018 at 12:44 PM, Sam Hague <shague@redhat.com
<mailto:shague@redhat.com>> wrote:____

Could this be related to the clustering bugs Vic and Jamo are
following like [1] that deal with 500 responses?____

__ __

[1] https://jira.opendaylight.org/browse/CONTROLLER-1838
<https://jira.opendaylight.org/browse/CONTROLLER-1838>____

__ __

On Mon, Jul 2, 2018 at 2:27 AM Vishal Thapar
<vthapar@redhat.com <mailto:vthapar@redhat.com>> wrote:____

I've seen this in my local testing during bringup or during ownership change. Sometimes it persists even
post ownership change.____

__ __

On Mon, Jul 2, 2018 at 11:24 AM, Faseela K
<faseela.k@ericsson.com <mailto:faseela.k@ericsson.com>> wrote:____

Hello aaa-dev,____

   I am trying to dump some of the MDSAL exposed MBeans with jolokia over HTTP , while am experimenting
with some of the 3 node netvirt CSIT activities
[0].____

   The HTTP requests work most of the cases, but
sometimes hit the below error randomly?____

   Any pointers?____

____

<html> <head> <meta http-equiv="Content-Type" content="text/html; <title>Error 500 </title> </head>
<body> <h2>HTTP ERROR: 500</h2> <p>Problem accessing
/jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards.
Reason: <pre> org.apache.shiro.session.UnknownSessionException: There is no session with id
[4050ca12-d12d-4965-8204-d3c11cb16e1b]</pre></p> <hr
/> </body> </html>____

____

____

Thanks,____

Faseela____

____

[0]
https://logs.opendaylight.org/sandbox/vex-yul-odl-jenkins-2/faseelanetvirt-csit-3node-openstack-queens-upstream-stateful-fluorine/1/robot-plugin/log_full.html.gz

<https://logs.opendaylight.org/sandbox/vex-yul-odl-jenkins-2/faseelane
tvirt-csit-3node-openstack-queens-upstream-stateful-fluorine/1/robot-p
lugin/log_full.html.gz>____

____


_______________________________________________
netvirt-dev mailing list
netvirt-dev@lists.opendaylight.org <mailto:netvirt-dev@lists.opendaylight.org>
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev

<https://lists.opendaylight.org/mailman/listinfo/netvirt-dev>____

__ __

_______________________________________________
netvirt-dev mailing list
netvirt-dev@lists.opendaylight.org <mailto:netvirt-dev@lists.opendaylight.org>
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev

<https://lists.opendaylight.org/mailman/listinfo/netvirt-dev>____


_______________________________________________
aaa-dev mailing list
aaa-dev@lists.opendaylight.org <mailto:aaa-dev@lists.opendaylight.org>
https://lists.opendaylight.org/mailman/listinfo/aaa-dev
<https://lists.opendaylight.org/mailman/listinfo/aaa-dev>____

__ __


_______________________________________________
netvirt-dev mailing list
netvirt-dev@lists.opendaylight.org <mailto:netvirt-dev@lists.opendaylight.org>
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev
<https://lists.opendaylight.org/mailman/listinfo/netvirt-dev>




_______________________________________________
aaa-dev mailing list
aaa-dev@lists.opendaylight.org
https://lists.opendaylight.org/mailman/listinfo/aaa-dev


Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT

Jamo Luhrsen <jluhrsen@...>
 

On 07/03/2018 12:31 PM, Michael Vorburger wrote:
On Tue, Jul 3, 2018 at 7:21 AM, Faseela K <faseela.k@ericsson.com <mailto:faseela.k@ericsson.com>>wrote:
Tom,____
   I couldn’t follow your response below completely.____
    But, the URL whatever I am using in CSIT works most of the times, and only in some random cases it throws the
shiro error.____
   When I updated the CSIT to retry on failure, it works on subsequent retries.____
    Below is the exception stack trace :
I don't know the details of what this CSIT wants from /jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards, but I don't suppose it could (now) be replaced with GET /diagstatus from https://jira.opendaylight.org/browse/GENIUS-138 ?  That requires no authentication, so it would never suffer from this particular problem. Just a thought.
even if that is a better thing for CSIT to do, it would just be a workaround
to whatever problem is really there.

JamO
____
2018-07-02T02:47:54,463 | INFO  |
org.ops4j.pax.web.service.jetty.internal.LateInvalidatingHashSessionManager@38d77047Timer |
LateInvalidatingHashSessionManager | 438 - org.ops4j.pax.web.pax-web-jetty - 6.0.9 | Timing out for 1 session(s)
with id 3u5gk3qqbpby1c13f3hpivnge____
2018-07-02T02:47:54,470 | INFO  |
org.ops4j.pax.web.service.jetty.internal.LateInvalidatingHashSessionManager@19c0aeb1Timer |
LateInvalidatingHashSessionManager | 438 - org.ops4j.pax.web.pax-web-jetty - 6.0.9 | Timing out for 1 session(s)
with id yev7cqw2kyjsy6978sf1nmrl____
2018-07-02T02:48:05,934 | WARN  | qtp1371496041-116 | HttpChannel    | 156 - org.eclipse.jetty.util -
9.3.21.v20170918 |
//10.30.170.46:8181/jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards
<http://10.30.170.46:8181/jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards>____
org.apache.shiro.session.UnknownSessionException: There is no session with id [bf682403-082b-4520-993f-987a8804bd31]____
        at org.apache.shiro.session.mgt.eis.AbstractSessionDAO.readSession(AbstractSessionDAO.java:170)
[134:org.apache.shiro.core:1.3.2]____
        at
org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSessionFromDataSource(DefaultSessionManager.java:236)
[134:org.apache.shiro.core:1.3.2]____
        at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSession(DefaultSessionManager.java:222)
[134:org.apache.shiro.core:1.3.2]____
        at
org.apache.shiro.session.mgt.AbstractValidatingSessionManager.doGetSession(AbstractValidatingSessionManager.java:118) [134:org.apache.shiro.core:1.3.2]____
        at
org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupSession(AbstractNativeSessionManager.java:148)
[134:org.apache.shiro.core:1.3.2]____
        at
org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupRequiredSession(AbstractNativeSessionManager.java:152)
[134:org.apache.shiro.core:1.3.2]____
        at org.apache.shiro.session.mgt.AbstractNativeSessionManager.getHost(AbstractNativeSessionManager.java:237)
[134:org.apache.shiro.core:1.3.2]____
        at org.apache.shiro.session.mgt.DelegatingSession.getHost(DelegatingSession.java:111)
[134:org.apache.shiro.core:1.3.2]____
        at org.apache.shiro.session.ProxiedSession.getHost(ProxiedSession.java:93)
[134:org.apache.shiro.core:1.3.2]____
        at org.apache.shiro.session.ProxiedSession.getHost(ProxiedSession.java:93)
[134:org.apache.shiro.core:1.3.2]____
        at org.apache.shiro.subject.support.DefaultSubjectContext.resolveHost(DefaultSubjectContext.java:270)
[134:org.apache.shiro.core:1.3.2]____
        at org.apache.shiro.mgt.DefaultSubjectFactory.createSubject(DefaultSubjectFactory.java:45)
[134:org.apache.shiro.core:1.3.2]____
        at org.apache.shiro.mgt.DefaultSecurityManager.doCreateSubject(DefaultSecurityManager.java:369)
[134:org.apache.shiro.core:1.3.2]____
        at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:344)
[134:org.apache.shiro.core:1.3.2]____
        at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:183)
[134:org.apache.shiro.core:1.3.2]____
        at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:283)
[134:org.apache.shiro.core:1.3.2]____
        at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
[134:org.apache.shiro.core:1.3.2]____
        at org.opendaylight.aaa.authenticator.ODLAuthenticator.authenticate(ODLAuthenticator.java:42)
[198:org.opendaylight.aaa.shiro:0.8.0.SNAPSHOT]____
        at Proxyb44c2d91_1f07_4b19_be55_2f3cb0209c21.authenticate(Unknown Source) [?:?]____
        at
org.jolokia.osgi.security.ServiceAuthenticationHttpContext.handleSecurity(ServiceAuthenticationHttpContext.java:72)
[189:org.jolokia.osgi:1.5.0]____
        at
org.ops4j.pax.web.service.internal.WebContainerContextWrapper.handleSecurity(WebContainerContextWrapper.java:46)
[440:org.ops4j.pax.web.pax-web-runtime:6.0.9]____
        at
org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:69)
[438:org.ops4j.pax.web.pax-web-jetty:6.0.9]____
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____
        at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
[151:org.eclipse.jetty.security:9.3.21.v20170918]____
        at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____
        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____
        at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:284)
[438:org.ops4j.pax.web.pax-web-jetty:6.0.9]____
        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512)
[154:org.eclipse.jetty.servlet:9.3.21.v20170918]____
        at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____
        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____
        at
org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:80)
[438:org.ops4j.pax.web.pax-web-jetty:6.0.9]____
        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____
        at org.eclipse.jetty.server.Server.handle(Server.java:534) [153:org.eclipse.jetty.server:9.3.21.v20170918]____
        at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:333)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____
        at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251)
[153:org.eclipse.jetty.server:9.3.21.v20170918]____
        at org.eclipse.jetty.io
<http://org.eclipse.jetty.io>.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283)
[145:org.eclipse.jetty.io:9.3.21.v20170918]____
        at org.eclipse.jetty.io <http://org.eclipse.jetty.io>.FillInterest.fillable(FillInterest.java:108)
[145:org.eclipse.jetty.io:9.3.21.v20170918]____
        at org.eclipse.jetty.io
<http://org.eclipse.jetty.io>.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
[145:org.eclipse.jetty.io:9.3.21.v20170918]____
        at
org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
[156:org.eclipse.jetty.util:9.3.21.v20170918]____
        at
org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
[156:org.eclipse.jetty.util:9.3.21.v20170918]____
        at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
[156:org.eclipse.jetty.util:9.3.21.v20170918]____
        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
[156:org.eclipse.jetty.util:9.3.21.v20170918]____
        at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
[156:org.eclipse.jetty.util:9.3.21.v20170918]____
        at java.lang.Thread.run(Thread.java:748) [?:?]____
__ __
____
Thanks,____
Faseela____
__ __
*From:*Tom Pantelis [mailto:tompantelis@gmail.com <mailto:tompantelis@gmail.com>]
*Sent:* Monday, July 02, 2018 10:29 PM
*To:* Sam Hague <shague@redhat.com <mailto:shague@redhat.com>>
*Cc:* Vishal Thapar <vthapar@redhat.com <mailto:vthapar@redhat.com>>; odl netvirt dev
<netvirt-dev@lists.opendaylight.org <mailto:netvirt-dev@lists.opendaylight.org>>; aaa-dev@lists.opendaylight.org
<mailto:aaa-dev@lists.opendaylight.org>; Faseela K <faseela.k@ericsson.com <mailto:faseela.k@ericsson.com>>
*Subject:* Re: [Aaa-dev] [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT____
__ __
jolokia has a different security code path than restconf that interfaces with shiro. It starts with:____
__ __
....____
at org.apache.shiro.subject.support.DefaultSubjectContext.resolveHost(DefaultSubjectContext.java:270)
[130:org.apache.shiro.core:1.3.2]____
            at org.apache.shiro.mgt.DefaultSubjectFactory.createSubject(DefaultSubjectFactory.java:45)
[130:org.apache.shiro.core:1.3.2]____
            at org.apache.shiro.mgt.DefaultSecurityManager.doCreateSubject(DefaultSecurityManager.java:369)
[130:org.apache.shiro.core:1.3.2]____
            at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:344)
[130:org.apache.shiro.core:1.3.2]____
            at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:183)
[130:org.apache.shiro.core:1.3.2]____
            at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:283)
[130:org.apache.shiro.core:1.3.2]____
            at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
[130:org.apache.shiro.core:1.3.2]____
            at org.opendaylight.aaa.authenticator.ODLAuthenticator.authenticate(ODLAuthenticator.java:42)
[188:org.opendaylight.aaa.shiro:0.8.0.SNAPSHOT]____
            at Proxy02007817_e19a_4a1a_8178_e2f238fd17a0.authenticate(Unknown Source) [?:?]____
            at
org.jolokia.osgi.security.ServiceAuthenticationHttpContext.handleSecurity(ServiceAuthenticationHttpContext.java:72)
[179:org.jolokia.osgi:1.5.0]____
            at
org.ops4j.pax.web.service.internal.WebContainerContextWrapper.handleSecurity(WebContainerContextWrapper.java:46)
[312:org.ops4j.pax.web.pax-web-runtime:6.0.9]____
            at
org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:69)
[310:org.ops4j.pax.web.pax-web-jetty:6.0.9]____
__ __
__ __
On Mon, Jul 2, 2018 at 12:44 PM, Sam Hague <shague@redhat.com <mailto:shague@redhat.com>> wrote:____
Could this be related to the clustering bugs Vic and Jamo are following like [1] that deal with 500 responses?____
__ __
[1] https://jira.opendaylight.org/browse/CONTROLLER-1838 <https://jira.opendaylight.org/browse/CONTROLLER-1838>____
__ __
On Mon, Jul 2, 2018 at 2:27 AM Vishal Thapar <vthapar@redhat.com <mailto:vthapar@redhat.com>> wrote:____
I've seen this in my local testing during bringup or during ownership change. Sometimes it persists even
post ownership change.____
__ __
On Mon, Jul 2, 2018 at 11:24 AM, Faseela K <faseela.k@ericsson.com <mailto:faseela.k@ericsson.com>> wrote:____
Hello aaa-dev,____
   I am trying to dump some of the MDSAL exposed MBeans with jolokia over HTTP , while am experimenting
with some of the 3 node netvirt CSIT activities [0].____
   The HTTP requests work most of the cases, but sometimes hit the below error randomly?____
   Any pointers?____
____
<html> <head> <meta http-equiv="Content-Type" content="text/html; <title>Error 500 </title> </head>
<body> <h2>HTTP ERROR: 500</h2> <p>Problem accessing
/jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards.
Reason: <pre> org.apache.shiro.session.UnknownSessionException: There is no session with id
[4050ca12-d12d-4965-8204-d3c11cb16e1b]</pre></p> <hr /> </body> </html>____
____
____
Thanks,____
Faseela____
____
[0]
https://logs.opendaylight.org/sandbox/vex-yul-odl-jenkins-2/faseelanetvirt-csit-3node-openstack-queens-upstream-stateful-fluorine/1/robot-plugin/log_full.html.gz
<https://logs.opendaylight.org/sandbox/vex-yul-odl-jenkins-2/faseelanetvirt-csit-3node-openstack-queens-upstream-stateful-fluorine/1/robot-plugin/log_full.html.gz>____
____
_______________________________________________
netvirt-dev mailing list
netvirt-dev@lists.opendaylight.org <mailto:netvirt-dev@lists.opendaylight.org>
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev
<https://lists.opendaylight.org/mailman/listinfo/netvirt-dev>____
__ __
_______________________________________________
netvirt-dev mailing list
netvirt-dev@lists.opendaylight.org <mailto:netvirt-dev@lists.opendaylight.org>
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev
<https://lists.opendaylight.org/mailman/listinfo/netvirt-dev>____
_______________________________________________
aaa-dev mailing list
aaa-dev@lists.opendaylight.org <mailto:aaa-dev@lists.opendaylight.org>
https://lists.opendaylight.org/mailman/listinfo/aaa-dev
<https://lists.opendaylight.org/mailman/listinfo/aaa-dev>____
__ __
_______________________________________________
netvirt-dev mailing list
netvirt-dev@lists.opendaylight.org <mailto:netvirt-dev@lists.opendaylight.org>
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev
<https://lists.opendaylight.org/mailman/listinfo/netvirt-dev>
_______________________________________________
aaa-dev mailing list
aaa-dev@lists.opendaylight.org
https://lists.opendaylight.org/mailman/listinfo/aaa-dev


Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT

Michael Vorburger <vorburger@...>
 

On Tue, Jul 3, 2018 at 7:21 AM, Faseela K <faseela.k@...> wrote:

Tom,

   I couldn’t follow your response below completely.

    But, the URL whatever I am using in CSIT works most of the times, and only in some random cases it throws the shiro error.

   When I updated the CSIT to retry on failure, it works on subsequent retries.

    Below is the exception stack trace :


I don't know the details of what this CSIT wants from /jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards, but I don't suppose it could (now) be replaced with GET /diagstatus from https://jira.opendaylight.org/browse/GENIUS-138 ?  That requires no authentication, so it would never suffer from this particular problem. Just a thought.


   2018-07-02T02:47:54,463 | INFO  | org.ops4j.pax.web.service.jetty.internal.LateInvalidatingHashSessionManager@38d77047Timer | LateInvalidatingHashSessionManager | 438 - org.ops4j.pax.web.pax-web-jetty - 6.0.9 | Timing out for 1 session(s) with id 3u5gk3qqbpby1c13f3hpivnge

2018-07-02T02:47:54,470 | INFO  | org.ops4j.pax.web.service.jetty.internal.LateInvalidatingHashSessionManager@19c0aeb1Timer | LateInvalidatingHashSessionManager | 438 - org.ops4j.pax.web.pax-web-jetty - 6.0.9 | Timing out for 1 session(s) with id yev7cqw2kyjsy6978sf1nmrl

2018-07-02T02:48:05,934 | WARN  | qtp1371496041-116 | HttpChannel                      | 156 - org.eclipse.jetty.util - 9.3.21.v20170918 | //10.30.170.46:8181/jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards

org.apache.shiro.session.UnknownSessionException: There is no session with id [bf682403-082b-4520-993f-987a8804bd31]

        at org.apache.shiro.session.mgt.eis.AbstractSessionDAO.readSession(AbstractSessionDAO.java:170) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSessionFromDataSource(DefaultSessionManager.java:236) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSession(DefaultSessionManager.java:222) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.AbstractValidatingSessionManager.doGetSession(AbstractValidatingSessionManager.java:118) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupSession(AbstractNativeSessionManager.java:148) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupRequiredSession(AbstractNativeSessionManager.java:152) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.AbstractNativeSessionManager.getHost(AbstractNativeSessionManager.java:237) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.DelegatingSession.getHost(DelegatingSession.java:111) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.ProxiedSession.getHost(ProxiedSession.java:93) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.ProxiedSession.getHost(ProxiedSession.java:93) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.subject.support.DefaultSubjectContext.resolveHost(DefaultSubjectContext.java:270) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.mgt.DefaultSubjectFactory.createSubject(DefaultSubjectFactory.java:45) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.mgt.DefaultSecurityManager.doCreateSubject(DefaultSecurityManager.java:369) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:344) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:183) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:283) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) [134:org.apache.shiro.core:1.3.2]

        at org.opendaylight.aaa.authenticator.ODLAuthenticator.authenticate(ODLAuthenticator.java:42) [198:org.opendaylight.aaa.shiro:0.8.0.SNAPSHOT]

        at Proxyb44c2d91_1f07_4b19_be55_2f3cb0209c21.authenticate(Unknown Source) [?:?]

        at org.jolokia.osgi.security.ServiceAuthenticationHttpContext.handleSecurity(ServiceAuthenticationHttpContext.java:72) [189:org.jolokia.osgi:1.5.0]

        at org.ops4j.pax.web.service.internal.WebContainerContextWrapper.handleSecurity(WebContainerContextWrapper.java:46) [440:org.ops4j.pax.web.pax-web-runtime:6.0.9]

        at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:69) [438:org.ops4j.pax.web.pax-web-jetty:6.0.9]

        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) [151:org.eclipse.jetty.security:9.3.21.v20170918]

        at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:284) [438:org.ops4j.pax.web.pax-web-jetty:6.0.9]

        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512) [154:org.eclipse.jetty.servlet:9.3.21.v20170918]

        at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:80) [438:org.ops4j.pax.web.pax-web-jetty:6.0.9]

        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.server.Server.handle(Server.java:534) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:333) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283) [145:org.eclipse.jetty.io:9.3.21.v20170918]

        at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:108) [145:org.eclipse.jetty.io:9.3.21.v20170918]

        at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93) [145:org.eclipse.jetty.io:9.3.21.v20170918]

        at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303) [156:org.eclipse.jetty.util:9.3.21.v20170918]

        at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148) [156:org.eclipse.jetty.util:9.3.21.v20170918]

        at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136) [156:org.eclipse.jetty.util:9.3.21.v20170918]

        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671) [156:org.eclipse.jetty.util:9.3.21.v20170918]

        at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589) [156:org.eclipse.jetty.util:9.3.21.v20170918]

        at java.lang.Thread.run(Thread.java:748) [?:?]

 

   

Thanks,

Faseela

 

From: Tom Pantelis [mailto:tompantelis@...]
Sent: Monday, July 02, 2018 10:29 PM
To: Sam Hague <shague@...>
Cc: Vishal Thapar <vthapar@...>; odl netvirt dev <netvirt-dev@lists.opendaylight.org>; aaa-dev@...; Faseela K <faseela.k@...>
Subject: Re: [Aaa-dev] [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT

 

jolokia has a different security code path than restconf that interfaces with shiro. It starts with:

 

....

at org.apache.shiro.subject.support.DefaultSubjectContext.resolveHost(DefaultSubjectContext.java:270) [130:org.apache.shiro.core:1.3.2]

            at org.apache.shiro.mgt.DefaultSubjectFactory.createSubject(DefaultSubjectFactory.java:45) [130:org.apache.shiro.core:1.3.2]

            at org.apache.shiro.mgt.DefaultSecurityManager.doCreateSubject(DefaultSecurityManager.java:369) [130:org.apache.shiro.core:1.3.2]

            at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:344) [130:org.apache.shiro.core:1.3.2]

            at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:183) [130:org.apache.shiro.core:1.3.2]

            at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:283) [130:org.apache.shiro.core:1.3.2]

            at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) [130:org.apache.shiro.core:1.3.2]

            at org.opendaylight.aaa.authenticator.ODLAuthenticator.authenticate(ODLAuthenticator.java:42) [188:org.opendaylight.aaa.shiro:0.8.0.SNAPSHOT]

            at Proxy02007817_e19a_4a1a_8178_e2f238fd17a0.authenticate(Unknown Source) [?:?]

            at org.jolokia.osgi.security.ServiceAuthenticationHttpContext.handleSecurity(ServiceAuthenticationHttpContext.java:72) [179:org.jolokia.osgi:1.5.0]

            at org.ops4j.pax.web.service.internal.WebContainerContextWrapper.handleSecurity(WebContainerContextWrapper.java:46) [312:org.ops4j.pax.web.pax-web-runtime:6.0.9]

            at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:69) [310:org.ops4j.pax.web.pax-web-jetty:6.0.9]

 

 

On Mon, Jul 2, 2018 at 12:44 PM, Sam Hague <shague@...> wrote:

Could this be related to the clustering bugs Vic and Jamo are following like [1] that deal with 500 responses?

 

 

On Mon, Jul 2, 2018 at 2:27 AM Vishal Thapar <vthapar@...> wrote:

I've seen this in my local testing during bringup or during ownership change. Sometimes it persists even post ownership change.

 

On Mon, Jul 2, 2018 at 11:24 AM, Faseela K <faseela.k@...> wrote:

Hello aaa-dev,

   I am trying to dump some of the MDSAL exposed MBeans with jolokia over HTTP , while am experimenting with some of the 3 node netvirt CSIT activities [0].

   The HTTP requests work most of the cases, but sometimes hit the below error randomly?

   Any pointers?

 

  <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/> <title>Error 500 </title> </head> <body> <h2>HTTP ERROR: 500</h2> <p>Problem accessing /jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards. Reason: <pre> org.apache.shiro.session.UnknownSessionException: There is no session with id [4050ca12-d12d-4965-8204-d3c11cb16e1b]</pre></p> <hr /> </body> </html>

 

 

Thanks,

Faseela

 

[0] https://logs.opendaylight.org/sandbox/vex-yul-odl-jenkins-2/faseelanetvirt-csit-3node-openstack-queens-upstream-stateful-fluorine/1/robot-plugin/log_full.html.gz

 


_______________________________________________
netvirt-dev mailing list
netvirt-dev@lists.opendaylight.org
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev

 

_______________________________________________
netvirt-dev mailing list
netvirt-dev@lists.opendaylight.org
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev


_______________________________________________
aaa-dev mailing list
aaa-dev@...
https://lists.opendaylight.org/mailman/listinfo/aaa-dev

 


_______________________________________________
netvirt-dev mailing list
netvirt-dev@lists.opendaylight.org
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev



Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT

Faseela K <faseela.k@...>
 

Tom,

   I couldn’t follow your response below completely.

    But, the URL whatever I am using in CSIT works most of the times, and only in some random cases it throws the shiro error.

   When I updated the CSIT to retry on failure, it works on subsequent retries.

    Below is the exception stack trace :

 

   2018-07-02T02:47:54,463 | INFO  | org.ops4j.pax.web.service.jetty.internal.LateInvalidatingHashSessionManager@38d77047Timer | LateInvalidatingHashSessionManager | 438 - org.ops4j.pax.web.pax-web-jetty - 6.0.9 | Timing out for 1 session(s) with id 3u5gk3qqbpby1c13f3hpivnge

2018-07-02T02:47:54,470 | INFO  | org.ops4j.pax.web.service.jetty.internal.LateInvalidatingHashSessionManager@19c0aeb1Timer | LateInvalidatingHashSessionManager | 438 - org.ops4j.pax.web.pax-web-jetty - 6.0.9 | Timing out for 1 session(s) with id yev7cqw2kyjsy6978sf1nmrl

2018-07-02T02:48:05,934 | WARN  | qtp1371496041-116 | HttpChannel                      | 156 - org.eclipse.jetty.util - 9.3.21.v20170918 | //10.30.170.46:8181/jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards

org.apache.shiro.session.UnknownSessionException: There is no session with id [bf682403-082b-4520-993f-987a8804bd31]

        at org.apache.shiro.session.mgt.eis.AbstractSessionDAO.readSession(AbstractSessionDAO.java:170) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSessionFromDataSource(DefaultSessionManager.java:236) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.DefaultSessionManager.retrieveSession(DefaultSessionManager.java:222) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.AbstractValidatingSessionManager.doGetSession(AbstractValidatingSessionManager.java:118) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupSession(AbstractNativeSessionManager.java:148) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.AbstractNativeSessionManager.lookupRequiredSession(AbstractNativeSessionManager.java:152) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.AbstractNativeSessionManager.getHost(AbstractNativeSessionManager.java:237) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.mgt.DelegatingSession.getHost(DelegatingSession.java:111) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.ProxiedSession.getHost(ProxiedSession.java:93) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.session.ProxiedSession.getHost(ProxiedSession.java:93) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.subject.support.DefaultSubjectContext.resolveHost(DefaultSubjectContext.java:270) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.mgt.DefaultSubjectFactory.createSubject(DefaultSubjectFactory.java:45) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.mgt.DefaultSecurityManager.doCreateSubject(DefaultSecurityManager.java:369) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:344) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:183) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:283) [134:org.apache.shiro.core:1.3.2]

        at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) [134:org.apache.shiro.core:1.3.2]

        at org.opendaylight.aaa.authenticator.ODLAuthenticator.authenticate(ODLAuthenticator.java:42) [198:org.opendaylight.aaa.shiro:0.8.0.SNAPSHOT]

        at Proxyb44c2d91_1f07_4b19_be55_2f3cb0209c21.authenticate(Unknown Source) [?:?]

        at org.jolokia.osgi.security.ServiceAuthenticationHttpContext.handleSecurity(ServiceAuthenticationHttpContext.java:72) [189:org.jolokia.osgi:1.5.0]

        at org.ops4j.pax.web.service.internal.WebContainerContextWrapper.handleSecurity(WebContainerContextWrapper.java:46) [440:org.ops4j.pax.web.pax-web-runtime:6.0.9]

        at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:69) [438:org.ops4j.pax.web.pax-web-jetty:6.0.9]

        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) [151:org.eclipse.jetty.security:9.3.21.v20170918]

        at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:284) [438:org.ops4j.pax.web.pax-web-jetty:6.0.9]

        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512) [154:org.eclipse.jetty.servlet:9.3.21.v20170918]

        at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:80) [438:org.ops4j.pax.web.pax-web-jetty:6.0.9]

        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.server.Server.handle(Server.java:534) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:333) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251) [153:org.eclipse.jetty.server:9.3.21.v20170918]

        at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283) [145:org.eclipse.jetty.io:9.3.21.v20170918]

        at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:108) [145:org.eclipse.jetty.io:9.3.21.v20170918]

        at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93) [145:org.eclipse.jetty.io:9.3.21.v20170918]

        at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303) [156:org.eclipse.jetty.util:9.3.21.v20170918]

        at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148) [156:org.eclipse.jetty.util:9.3.21.v20170918]

        at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136) [156:org.eclipse.jetty.util:9.3.21.v20170918]

        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671) [156:org.eclipse.jetty.util:9.3.21.v20170918]

        at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589) [156:org.eclipse.jetty.util:9.3.21.v20170918]

        at java.lang.Thread.run(Thread.java:748) [?:?]

 

   

Thanks,

Faseela

 

From: Tom Pantelis [mailto:tompantelis@...]
Sent: Monday, July 02, 2018 10:29 PM
To: Sam Hague <shague@...>
Cc: Vishal Thapar <vthapar@...>; odl netvirt dev <netvirt-dev@...>; aaa-dev@...; Faseela K <faseela.k@...>
Subject: Re: [Aaa-dev] [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT

 

jolokia has a different security code path than restconf that interfaces with shiro. It starts with:

 

....

at org.apache.shiro.subject.support.DefaultSubjectContext.resolveHost(DefaultSubjectContext.java:270) [130:org.apache.shiro.core:1.3.2]

            at org.apache.shiro.mgt.DefaultSubjectFactory.createSubject(DefaultSubjectFactory.java:45) [130:org.apache.shiro.core:1.3.2]

            at org.apache.shiro.mgt.DefaultSecurityManager.doCreateSubject(DefaultSecurityManager.java:369) [130:org.apache.shiro.core:1.3.2]

            at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:344) [130:org.apache.shiro.core:1.3.2]

            at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:183) [130:org.apache.shiro.core:1.3.2]

            at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:283) [130:org.apache.shiro.core:1.3.2]

            at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) [130:org.apache.shiro.core:1.3.2]

            at org.opendaylight.aaa.authenticator.ODLAuthenticator.authenticate(ODLAuthenticator.java:42) [188:org.opendaylight.aaa.shiro:0.8.0.SNAPSHOT]

            at Proxy02007817_e19a_4a1a_8178_e2f238fd17a0.authenticate(Unknown Source) [?:?]

            at org.jolokia.osgi.security.ServiceAuthenticationHttpContext.handleSecurity(ServiceAuthenticationHttpContext.java:72) [179:org.jolokia.osgi:1.5.0]

            at org.ops4j.pax.web.service.internal.WebContainerContextWrapper.handleSecurity(WebContainerContextWrapper.java:46) [312:org.ops4j.pax.web.pax-web-runtime:6.0.9]

            at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:69) [310:org.ops4j.pax.web.pax-web-jetty:6.0.9]

 

 

On Mon, Jul 2, 2018 at 12:44 PM, Sam Hague <shague@...> wrote:

Could this be related to the clustering bugs Vic and Jamo are following like [1] that deal with 500 responses?

 

 

On Mon, Jul 2, 2018 at 2:27 AM Vishal Thapar <vthapar@...> wrote:

I've seen this in my local testing during bringup or during ownership change. Sometimes it persists even post ownership change.

 

On Mon, Jul 2, 2018 at 11:24 AM, Faseela K <faseela.k@...> wrote:

Hello aaa-dev,

   I am trying to dump some of the MDSAL exposed MBeans with jolokia over HTTP , while am experimenting with some of the 3 node netvirt CSIT activities [0].

   The HTTP requests work most of the cases, but sometimes hit the below error randomly?

   Any pointers?

 

  <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/> <title>Error 500 </title> </head> <body> <h2>HTTP ERROR: 500</h2> <p>Problem accessing /jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards. Reason: <pre> org.apache.shiro.session.UnknownSessionException: There is no session with id [4050ca12-d12d-4965-8204-d3c11cb16e1b]</pre></p> <hr /> </body> </html>

 

 

Thanks,

Faseela

 

[0] https://logs.opendaylight.org/sandbox/vex-yul-odl-jenkins-2/faseelanetvirt-csit-3node-openstack-queens-upstream-stateful-fluorine/1/robot-plugin/log_full.html.gz

 


_______________________________________________
netvirt-dev mailing list
netvirt-dev@...
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev

 

_______________________________________________
netvirt-dev mailing list
netvirt-dev@...
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev


_______________________________________________
aaa-dev mailing list
aaa-dev@...
https://lists.opendaylight.org/mailman/listinfo/aaa-dev

 


Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT

Tom Pantelis
 

jolokia has a different security code path than restconf that interfaces with shiro. It starts with:

....
at org.apache.shiro.subject.support.DefaultSubjectContext.resolveHost(DefaultSubjectContext.java:270) [130:org.apache.shiro.core:1.3.2]
at org.apache.shiro.mgt.DefaultSubjectFactory.createSubject(DefaultSubjectFactory.java:45) [130:org.apache.shiro.core:1.3.2]
at org.apache.shiro.mgt.DefaultSecurityManager.doCreateSubject(DefaultSecurityManager.java:369) [130:org.apache.shiro.core:1.3.2]
at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:344) [130:org.apache.shiro.core:1.3.2]
at org.apache.shiro.mgt.DefaultSecurityManager.createSubject(DefaultSecurityManager.java:183) [130:org.apache.shiro.core:1.3.2]
at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:283) [130:org.apache.shiro.core:1.3.2]
at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) [130:org.apache.shiro.core:1.3.2]
at org.opendaylight.aaa.authenticator.ODLAuthenticator.authenticate(ODLAuthenticator.java:42) [188:org.opendaylight.aaa.shiro:0.8.0.SNAPSHOT]
at Proxy02007817_e19a_4a1a_8178_e2f238fd17a0.authenticate(Unknown Source) [?:?]
at org.jolokia.osgi.security.ServiceAuthenticationHttpContext.handleSecurity(ServiceAuthenticationHttpContext.java:72) [179:org.jolokia.osgi:1.5.0]
at org.ops4j.pax.web.service.internal.WebContainerContextWrapper.handleSecurity(WebContainerContextWrapper.java:46) [312:org.ops4j.pax.web.pax-web-runtime:6.0.9]
at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:69) [310:org.ops4j.pax.web.pax-web-jetty:6.0.9]


On Mon, Jul 2, 2018 at 12:44 PM, Sam Hague <shague@...> wrote:
Could this be related to the clustering bugs Vic and Jamo are following like [1] that deal with 500 responses?


On Mon, Jul 2, 2018 at 2:27 AM Vishal Thapar <vthapar@...> wrote:
I've seen this in my local testing during bringup or during ownership change. Sometimes it persists even post ownership change.

On Mon, Jul 2, 2018 at 11:24 AM, Faseela K <faseela.k@...> wrote:

Hello aaa-dev,

   I am trying to dump some of the MDSAL exposed MBeans with jolokia over HTTP , while am experimenting with some of the 3 node netvirt CSIT activities [0].

   The HTTP requests work most of the cases, but sometimes hit the below error randomly?

   Any pointers?

 

  <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/> <title>Error 500 </title> </head> <body> <h2>HTTP ERROR: 500</h2> <p>Problem accessing /jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards. Reason: <pre> org.apache.shiro.session.UnknownSessionException: There is no session with id [4050ca12-d12d-4965-8204-d3c11cb16e1b]</pre></p> <hr /> </body> </html>

 

 

Thanks,

Faseela

 

[0] https://logs.opendaylight.org/sandbox/vex-yul-odl-jenkins-2/faseelanetvirt-csit-3node-openstack-queens-upstream-stateful-fluorine/1/robot-plugin/log_full.html.gz

 


_______________________________________________
netvirt-dev mailing list
netvirt-dev@lists.opendaylight.org
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev


_______________________________________________
netvirt-dev mailing list
netvirt-dev@lists.opendaylight.org
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev

_______________________________________________
aaa-dev mailing list
aaa-dev@...
https://lists.opendaylight.org/mailman/listinfo/aaa-dev



Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT

Sam Hague <shague@...>
 

Could this be related to the clustering bugs Vic and Jamo are following like [1] that deal with 500 responses?


On Mon, Jul 2, 2018 at 2:27 AM Vishal Thapar <vthapar@...> wrote:
I've seen this in my local testing during bringup or during ownership change. Sometimes it persists even post ownership change.

On Mon, Jul 2, 2018 at 11:24 AM, Faseela K <faseela.k@...> wrote:

Hello aaa-dev,

   I am trying to dump some of the MDSAL exposed MBeans with jolokia over HTTP , while am experimenting with some of the 3 node netvirt CSIT activities [0].

   The HTTP requests work most of the cases, but sometimes hit the below error randomly?

   Any pointers?

 

  <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/> <title>Error 500 </title> </head> <body> <h2>HTTP ERROR: 500</h2> <p>Problem accessing /jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards. Reason: <pre> org.apache.shiro.session.UnknownSessionException: There is no session with id [4050ca12-d12d-4965-8204-d3c11cb16e1b]</pre></p> <hr /> </body> </html>

 

 

Thanks,

Faseela

 

[0] https://logs.opendaylight.org/sandbox/vex-yul-odl-jenkins-2/faseelanetvirt-csit-3node-openstack-queens-upstream-stateful-fluorine/1/robot-plugin/log_full.html.gz

 


_______________________________________________
netvirt-dev mailing list
netvirt-dev@...
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev


_______________________________________________
netvirt-dev mailing list
netvirt-dev@...
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev


Re: [netvirt-dev] Random errors while fetching JOLOKIA URLs in 3 node CSIT

Vishal Thapar <vthapar@...>
 

I've seen this in my local testing during bringup or during ownership change. Sometimes it persists even post ownership change.

On Mon, Jul 2, 2018 at 11:24 AM, Faseela K <faseela.k@...> wrote:

Hello aaa-dev,

   I am trying to dump some of the MDSAL exposed MBeans with jolokia over HTTP , while am experimenting with some of the 3 node netvirt CSIT activities [0].

   The HTTP requests work most of the cases, but sometimes hit the below error randomly?

   Any pointers?

 

  <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/> <title>Error 500 </title> </head> <body> <h2>HTTP ERROR: 500</h2> <p>Problem accessing /jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards. Reason: <pre> org.apache.shiro.session.UnknownSessionException: There is no session with id [4050ca12-d12d-4965-8204-d3c11cb16e1b]</pre></p> <hr /> </body> </html>

 

 

Thanks,

Faseela

 

[0] https://logs.opendaylight.org/sandbox/vex-yul-odl-jenkins-2/faseelanetvirt-csit-3node-openstack-queens-upstream-stateful-fluorine/1/robot-plugin/log_full.html.gz

 


_______________________________________________
netvirt-dev mailing list
netvirt-dev@lists.opendaylight.org
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev



Random errors while fetching JOLOKIA URLs in 3 node CSIT

Faseela K <faseela.k@...>
 

Hello aaa-dev,

   I am trying to dump some of the MDSAL exposed MBeans with jolokia over HTTP , while am experimenting with some of the 3 node netvirt CSIT activities [0].

   The HTTP requests work most of the cases, but sometimes hit the below error randomly?

   Any pointers?

 

  <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/> <title>Error 500 </title> </head> <body> <h2>HTTP ERROR: 500</h2> <p>Problem accessing /jolokia/read/org.opendaylight.controller:type=DistributedOperationalDatastore,Category=ShardManager,name=shard-manager-operational/LocalShards. Reason: <pre> org.apache.shiro.session.UnknownSessionException: There is no session with id [4050ca12-d12d-4965-8204-d3c11cb16e1b]</pre></p> <hr /> </body> </html>

 

 

Thanks,

Faseela

 

[0] https://logs.opendaylight.org/sandbox/vex-yul-odl-jenkins-2/faseelanetvirt-csit-3node-openstack-queens-upstream-stateful-fluorine/1/robot-plugin/log_full.html.gz

 


Re: ssh passwordless login to Karaf

Ryan Goulding <ryandgoulding@...>
 

I don't know, I don't use or maintain this code.  Ask the people who do:


Regards,

Ryan Goulding

On Wed, Jun 13, 2018 at 1:00 PM, A Vamsikrishna <a.vamsikrishna@...> wrote:

Hi Ryan,

 

I want to do passwordless login using the userid: egjmnnq . I am following https://karaf.apache.org/manual/latest/security

 

below are the changes made but no luck as it's still prompting for password:

 

1. etc/users.properties:

 

egjmnnq = egjmnnq,_g_:admingroup

_g_\:admingroup = group,admin,manager,viewer,systembundles

 

 

2. Generated keys as follows on my openSSH client:

 

ssh-keygen -t dsa -f karaf.id_dsa -N karaf

 

[egjmnnq.PF0KDF1U] ls -lrt

total 6

-rw-r--r--    1 egjmnnq  UsersGrp       393 Jun 13 18:01 README.txt

lrwxrwxrwx    1 egjmnnq  UsersGrp        33 Jun 13 18:01 MyDocuments -> /drives/C/Users/egjmnnq/DOCUME~1/

lrwxrwxrwx    1 egjmnnq  UsersGrp        61 Jun 13 18:01 LauncherFolder -> /drives/C/Users/egjmnnq/Desktop/NEWFOL~1/ERICSS~1/MOBAXT~1.2/

lrwxrwxrwx    1 egjmnnq  UsersGrp        32 Jun 13 18:01 Desktop -> /drives/C/Users/egjmnnq/Desktop/

-rw-r--r--    1 egjmnnq  UsersGrp       606 Jun 13 18:23 karaf.id_dsa.pub

-rw-r--r--    1 egjmnnq  UsersGrp       751 Jun 13 18:23 karaf.id_dsa

                                                                         

                                                                                                                                                                                                                                                                                               

 

 

[egjmnnq.PF0KDF1U] cat karaf.id_dsa.pub

ssh-dss AAAAB3NzaC1kc3MAAACBANNMOUvACwVH99GhyKzSB7m/Ovy+xAQZX1gUs5Pk2FeUyCtR3nVBDNtdiT/4Eg/RT/Be+RynTanWJ/5KBeu3hY3I3gOIi9H1rFztf1ObOc+BvUtFC6h4/dppXqxmHm1PX67DVLAmz7IdR+dvxoG5iplJKHUvdRA8PiHB4ffL/c77AAAAFQDFTP6Qn+8McN3WA4/ELTcoYMzdKwAAAIBqK/E8dsXUSH62Og/TdifJpfLadq90zA3DHS1zvLYAJ+iIBm3V6jrKGw5H036hfYKOPvzWQ5USpkWfj4WXecra+Bfpxfq+zxWL3Xs1c592oJne4h0T9RQC780/tC3hLXoMeotuL4avM1IiQrnXkk3FjMj04elUIUwGAdBeVhG5HAAAAIAaaGsbYUzpdKrEOMpo+1XQGXkL8lGTW1JJOGbAGeZAe6/6xLIl025HIlnYCrAWsmqL6xcRzbzI/Enk3s9ZddQ+XmLJddgURwj8tMIAGZq0p7emBczw4fOaiv4Tc2Z+vyQJ+n+P9V94g1j2hdyqq4H2Ew0oPvIUUAEGv2Yz+SGj7Q== egjmnnq@PF0KDF1U

 

3. copied pub key in etc/keys.properties

 

egjmnnq=ssh-dss AAAAB3NzaC1kc3MAAACBANNMOUvACwVH99GhyKzSB7m/Ovy+xAQZX1gUs5Pk2FeUyCtR3nVBDNtdiT/4Eg/RT/Be+RynTanWJ/5KBeu3hY3I3gOIi9H1rFztf1ObOc+BvUtFC6h4/dppXqxmHm1PX67DVLAmz7IdR+dvxoG5iplJKHUvdRA8PiHB4ffL/c77AAAAFQDFTP6Qn+8McN3WA4/ELTcoYMzdKwAAAIBqK/E8dsXUSH62Og/TdifJpfLadq90zA3DHS1zvLYAJ+iIBm3V6jrKGw5H036hfYKOPvzWQ5USpkWfj4WXecra+Bfpxfq+zxWL3Xs1c592oJne4h0T9RQC780/tC3hLXoMeotuL4avM1IiQrnXkk3FjMj04elUIUwGAdBeVhG5HAAAAIAaaGsbYUzpdKrEOMpo+1XQGXkL8lGTW1JJOGbAGeZAe6/6xLIl025HIlnYCrAWsmqL6xcRzbzI/Enk3s9ZddQ+XmLJddgURwj8tMIAGZq0p7emBczw4fOaiv4Tc2Z+vyQJ+n+P9V94g1j2hdyqq4H2Ew0oPvIUUAEGv2Yz+SGj7Q== egjmnnq@PF0KDF1U,_g_:admingroup

_g_\:admingroup = group,admin,manager,viewer,systembundles

 

 

4. When I try to connect from my openSSH client it's still prompting for password.

 

[egjmnnq.PF0KDF1U] ssh -p 8101 -i karaf.id_dsa egjmnnq@...

egjmnnq@...'s password:

 

    ________                       ________                .__  .__       .__     __

    \_____  \ ______   ____   ____ \______ \ _____  ___.__.|  | |__| ____ |  |___/  |_

     /   |   \\____ \_/ __ \ /    \ |    |  \\__  \<   |  ||  | |  |/ ___\|  |  \   __\

    /    |    \  |_> >  ___/|   |  \|    `   \/ __ \\___  ||  |_|  / /_/  >   Y  \  |

    \_______  /   __/ \___  >___|  /_______  (____  / ____||____/__\___  /|___|  /__|

            \/|__|        \/     \/        \/     \/\/            /_____/      \/

 

 

Hit '<tab>' for a list of available commands

and '[cmd] --help' for help on a specific command.

Hit '<ctrl-d>' or type 'system:shutdown' or 'logout' to shutdown OpenDaylight.

 

opendaylight-user@root>

 

 

Am I missing anything ?

 

Thanks,

Vamsi

 

 

From: Ryan Goulding [mailto:ryandgoulding@gmail.com]
Sent: Wednesday, June 13, 2018 7:26 PM
To: A Vamsikrishna <a.vamsikrishna@...>
Cc: aaa-dev@...
Subject: Re: [Aaa-dev] ssh passwordless login to Karaf

 

Vamsi,

 

AAA does not control karaf's authentication; the two are configured separately.  I suggest you engage the upstream Apache Karaf community.

 

HTH.

 

Regards,

Ryan


Regards,

Ryan Goulding

 

On Wed, Jun 13, 2018 at 5:27 AM, A Vamsikrishna <a.vamsikrishna@...> wrote:

Hi Stephen / Ryan,

 

Can you please help me with the steps to perform ssh passwordless login to Karaf ?

 

Thanks,

Vamsi


_______________________________________________
aaa-dev mailing list
aaa-dev@...
https://lists.opendaylight.org/mailman/listinfo/aaa-dev

 



Re: ssh passwordless login to Karaf

A Vamsikrishna
 

Hi Ryan,

 

I want to do passwordless login using the userid: egjmnnq . I am following https://karaf.apache.org/manual/latest/security

 

below are the changes made but no luck as it's still prompting for password:

 

1. etc/users.properties:

 

egjmnnq = egjmnnq,_g_:admingroup

_g_\:admingroup = group,admin,manager,viewer,systembundles

 

 

2. Generated keys as follows on my openSSH client:

 

ssh-keygen -t dsa -f karaf.id_dsa -N karaf

 

[egjmnnq.PF0KDF1U] ls -lrt

total 6

-rw-r--r--    1 egjmnnq  UsersGrp       393 Jun 13 18:01 README.txt

lrwxrwxrwx    1 egjmnnq  UsersGrp        33 Jun 13 18:01 MyDocuments -> /drives/C/Users/egjmnnq/DOCUME~1/

lrwxrwxrwx    1 egjmnnq  UsersGrp        61 Jun 13 18:01 LauncherFolder -> /drives/C/Users/egjmnnq/Desktop/NEWFOL~1/ERICSS~1/MOBAXT~1.2/

lrwxrwxrwx    1 egjmnnq  UsersGrp        32 Jun 13 18:01 Desktop -> /drives/C/Users/egjmnnq/Desktop/

-rw-r--r--    1 egjmnnq  UsersGrp       606 Jun 13 18:23 karaf.id_dsa.pub

-rw-r--r--    1 egjmnnq  UsersGrp       751 Jun 13 18:23 karaf.id_dsa

                                                                         

                                                                                                                                                                                                                                                                                               

 

 

[egjmnnq.PF0KDF1U] cat karaf.id_dsa.pub

ssh-dss AAAAB3NzaC1kc3MAAACBANNMOUvACwVH99GhyKzSB7m/Ovy+xAQZX1gUs5Pk2FeUyCtR3nVBDNtdiT/4Eg/RT/Be+RynTanWJ/5KBeu3hY3I3gOIi9H1rFztf1ObOc+BvUtFC6h4/dppXqxmHm1PX67DVLAmz7IdR+dvxoG5iplJKHUvdRA8PiHB4ffL/c77AAAAFQDFTP6Qn+8McN3WA4/ELTcoYMzdKwAAAIBqK/E8dsXUSH62Og/TdifJpfLadq90zA3DHS1zvLYAJ+iIBm3V6jrKGw5H036hfYKOPvzWQ5USpkWfj4WXecra+Bfpxfq+zxWL3Xs1c592oJne4h0T9RQC780/tC3hLXoMeotuL4avM1IiQrnXkk3FjMj04elUIUwGAdBeVhG5HAAAAIAaaGsbYUzpdKrEOMpo+1XQGXkL8lGTW1JJOGbAGeZAe6/6xLIl025HIlnYCrAWsmqL6xcRzbzI/Enk3s9ZddQ+XmLJddgURwj8tMIAGZq0p7emBczw4fOaiv4Tc2Z+vyQJ+n+P9V94g1j2hdyqq4H2Ew0oPvIUUAEGv2Yz+SGj7Q== egjmnnq@PF0KDF1U

 

3. copied pub key in etc/keys.properties

 

egjmnnq=ssh-dss AAAAB3NzaC1kc3MAAACBANNMOUvACwVH99GhyKzSB7m/Ovy+xAQZX1gUs5Pk2FeUyCtR3nVBDNtdiT/4Eg/RT/Be+RynTanWJ/5KBeu3hY3I3gOIi9H1rFztf1ObOc+BvUtFC6h4/dppXqxmHm1PX67DVLAmz7IdR+dvxoG5iplJKHUvdRA8PiHB4ffL/c77AAAAFQDFTP6Qn+8McN3WA4/ELTcoYMzdKwAAAIBqK/E8dsXUSH62Og/TdifJpfLadq90zA3DHS1zvLYAJ+iIBm3V6jrKGw5H036hfYKOPvzWQ5USpkWfj4WXecra+Bfpxfq+zxWL3Xs1c592oJne4h0T9RQC780/tC3hLXoMeotuL4avM1IiQrnXkk3FjMj04elUIUwGAdBeVhG5HAAAAIAaaGsbYUzpdKrEOMpo+1XQGXkL8lGTW1JJOGbAGeZAe6/6xLIl025HIlnYCrAWsmqL6xcRzbzI/Enk3s9ZddQ+XmLJddgURwj8tMIAGZq0p7emBczw4fOaiv4Tc2Z+vyQJ+n+P9V94g1j2hdyqq4H2Ew0oPvIUUAEGv2Yz+SGj7Q== egjmnnq@PF0KDF1U,_g_:admingroup

_g_\:admingroup = group,admin,manager,viewer,systembundles

 

 

4. When I try to connect from my openSSH client it's still prompting for password.

 

[egjmnnq.PF0KDF1U] ssh -p 8101 -i karaf.id_dsa egjmnnq@...

egjmnnq@...'s password:

 

    ________                       ________                .__  .__       .__     __

    \_____  \ ______   ____   ____ \______ \ _____  ___.__.|  | |__| ____ |  |___/  |_

     /   |   \\____ \_/ __ \ /    \ |    |  \\__  \<   |  ||  | |  |/ ___\|  |  \   __\

    /    |    \  |_> >  ___/|   |  \|    `   \/ __ \\___  ||  |_|  / /_/  >   Y  \  |

    \_______  /   __/ \___  >___|  /_______  (____  / ____||____/__\___  /|___|  /__|

            \/|__|        \/     \/        \/     \/\/            /_____/      \/

 

 

Hit '<tab>' for a list of available commands

and '[cmd] --help' for help on a specific command.

Hit '<ctrl-d>' or type 'system:shutdown' or 'logout' to shutdown OpenDaylight.

 

opendaylight-user@root>

 

 

Am I missing anything ?

 

Thanks,

Vamsi

 

 

From: Ryan Goulding [mailto:ryandgoulding@...]
Sent: Wednesday, June 13, 2018 7:26 PM
To: A Vamsikrishna <a.vamsikrishna@...>
Cc: aaa-dev@...
Subject: Re: [Aaa-dev] ssh passwordless login to Karaf

 

Vamsi,

 

AAA does not control karaf's authentication; the two are configured separately.  I suggest you engage the upstream Apache Karaf community.

 

HTH.

 

Regards,

Ryan


Regards,

Ryan Goulding

 

On Wed, Jun 13, 2018 at 5:27 AM, A Vamsikrishna <a.vamsikrishna@...> wrote:

Hi Stephen / Ryan,

 

Can you please help me with the steps to perform ssh passwordless login to Karaf ?

 

Thanks,

Vamsi


_______________________________________________
aaa-dev mailing list
aaa-dev@...
https://lists.opendaylight.org/mailman/listinfo/aaa-dev

 

101 - 120 of 1823