You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Amogh Vasekar (JIRA)" <ji...@apache.org> on 2013/07/23 22:00:48 UTC
[jira] [Resolved] (CLOUDSTACK-3285) UCS: Need support for HTTP
redirects and HTTPS Certificate handling
[ https://issues.apache.org/jira/browse/CLOUDSTACK-3285?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Amogh Vasekar resolved CLOUDSTACK-3285.
---------------------------------------
Resolution: Fixed
The redirect now works, using EasySSLProtocolFactory. Note that it accepts self-signed certificates.
Multiple level of redirects are currently disallowed
> UCS: Need support for HTTP redirects and HTTPS Certificate handling
> -------------------------------------------------------------------
>
> Key: CLOUDSTACK-3285
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-3285
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the default.)
> Components: UCS
> Affects Versions: 4.2.0
> Environment: Master; Basic Bare-metal and UCS
> Reporter: Parth Jagirdar
> Assignee: Amogh Vasekar
> Priority: Critical
>
> By default UCS has HTTP to HTTPs redirect enabled.
> At which point, addUcsManager fails with following error.
> 2013-06-28 14:19:57,020 DEBUG [cloud.api.ApiServlet] (catalina-exec-20:null) ===START=== 10.217.252.127 -- GET command=addUcsManager&zoneid=d92cc843-8c50-4f57-9c07-1041bf859f8d&name=ucsmanager&url=10.223.184.2&username=admin&response=json&sessionkey=NiAtOI4sZHTkTJ37Y4jz0ntaeYg%3D&_=1372454390205
> 2013-06-28 14:19:57,256 WARN [cloudstack.api.AddUcsManagerCmd] (catalina-exec-20:null) Exception:
> com.cloud.utils.exception.CloudRuntimeException: Cannot get cookie
> at com.cloud.ucs.manager.UcsManagerImpl.getCookie(UcsManagerImpl.java:174)
> at com.cloud.ucs.manager.UcsManagerImpl.listBlades(UcsManagerImpl.java:179)
> at com.cloud.ucs.manager.UcsManagerImpl.discoverBlades(UcsManagerImpl.java:123)
> at com.cloud.ucs.manager.UcsManagerImpl.addUcsManager(UcsManagerImpl.java:154)
> at org.apache.cloudstack.api.AddUcsManagerCmd.execute(AddUcsManagerCmd.java:68)
> at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:155)
> at com.cloud.api.ApiServer.queueCommand(ApiServer.java:528)
> at com.cloud.api.ApiServer.handleRequest(ApiServer.java:371)
> at com.cloud.api.ApiServlet.processRequest(ApiServlet.java:304)
> at com.cloud.api.ApiServlet.doGet(ApiServlet.java:66)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
> at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
> at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
> at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
> at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:555)
> at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
> at org.apache.coyote.http11.Http11NioProcessor.process(Http11NioProcessor.java:889)
> at org.apache.coyote.http11.Http11NioProtocol$Http11ConnectionHandler.process(Http11NioProtocol.java:721)
> at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:2268)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
> at java.lang.Thread.run(Thread.java:679)
> Caused by: com.cloud.utils.exception.CloudRuntimeException: Call failed: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
> <html><head>
> <title>302 Found</title>
> </head><body>
> <h1>Found</h1>
> <p>The document has moved <a href="https://10.223.184.2/nuova">here</a>.</p>
> </body></html>
> at com.cloud.ucs.manager.UcsHttpClient.call(UcsHttpClient.java:50)
> at com.cloud.ucs.manager.UcsManagerImpl.getCookie(UcsManagerImpl.java:166)
> ... 26 more
> Caused by: com.cloud.utils.exception.CloudRuntimeException: Call failed: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
> <html><head>
> <title>302 Found</title>
> </head><body>
> <h1>Found</h1>
> <p>The document has moved <a href="https://10.223.184.2/nuova">here</a>.</p>
> </body></html>
> at com.cloud.ucs.manager.UcsHttpClient.call(UcsHttpClient.java:41)
> ... 27 more
> 2013-06-28 14:19:57,257 INFO [cloud.api.ApiServer] (catalina-exec-20:null) Cannot get cookie
> 2013-06-28 14:19:57,258 DEBUG [cloud.api.ApiServlet] (catalina-exec-20:null) ===END=== 10.217.252.127 -- GET command=addUcsManager&zoneid=d92cc843-8c50-4f57-9c07-1041bf859f8d&name=ucsmanager&url=10.223.184.2&username=admin&response=json&sessionkey=NiAtOI4sZHTkTJ37Y4jz0ntaeYg%3D&_=1372454390205
> 2013-06-28 14:20:02,479 DEBUG [cloud.server.StatsCollector] (StatsCollector-2:null) HostStatsCollector is running...
> 2013-06-28 14:20:02,481 DEBUG [cloud.server.StatsCollector] (StatsCollector-2:null) VmStatsCollector is running...
> 2013-06-28 14:20:02,482 DEBUG [cloud.server.StatsCollector] (StatsCollector-3:null) StorageCollector is running...
> 2013-06-28 14:20:13,761 DEBUG [storage.secondary.SecondaryStorageManagerImpl] (secstorage-1:null) Zone 2 is not ready to launch secondary storage VM yet
> However if we disable the redirect on UCS server by:
> Admin -> Communication Services -> under HTTP disable redirects.
> As this is potential security issue marking as Critical.
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira