Closed harpreet-singh-bola closed 8 years ago
ddrenjanac
commented
8 years ago We have the same problem. During the registration of application, step 3 is automatically skipped and, although the application is successfully registered, it is impossible to neither edit/manage it nor to see OAuth2 credentials.
Regards, Domagoj
garcianavalon
commented
8 years ago Hi all, Are you using your own installation or the Cloud Portal image? In case of the latest, try using the new release one (5.1.0)
Cheers
ddrenjanac
commented
8 years ago Hi,
we are using own installation of keyrock, i.e., keystone + horizon. We have just followed the steps to obtain the keystone and horizon from github and built/configured them manually.
What is interesting, after populating keystone with test data, the test user user0@test.com has already one registered application which is editable/managable. But when the same user tries to register a new application, it is unable to edit/manage it.
Thanks for help!
Regards, Domagoj
garcianavalon
commented
8 years ago Hi @ddrenjanac,
We just released a new version today that changes the installation method to be more clear and easier to configure. If you don't have any important data I would advise you drop the database, remove the current installation and install it again following the new documentation. Most probably there is a configuration error on your installation.
We have removed the fabric tasks and there is no test data anymore. After installing you can log into the website using the idm user or register a new user using the website. They should be able to perform the operation normally.
btw, any feedback on the new docs will be apreciated, let us know if we can improve it somehow :)
cheers!
harpreet-singh-bola
commented
8 years ago Hello to all,
today I tried the new version.
First of all, I think, there is a typo in the installation documentation:
cp etc/keystone.conf.example etc/keystone.conf
in this command the file to be copied is keystone.conf.sample and NOT keystone.conf.example.
Second, the installation was successful for both back-end and front-end components. But when I access the home page at localhost:8000 I got the following message: "A server error occurred. Please contact the administrator."
Here are the logs from Keystone:
2016-02-08 12:17:56.170 2733 WARNING keystone.common.wsgi [-] Authorization failed. The request you have made requires authentication. from 127.0.0.1 2016-02-08 12:17:56.172 2733 INFO eventlet.wsgi.server [-] 127.0.0.1 - - [08/Feb/2016 12:17:56] "POST /v3/auth/tokens HTTP/1.1" 401 333 0.140358 2016-02-08 12:17:56.227 2735 WARNING keystone.common.wsgi [-] Authorization failed. The request you have made requires authentication. from 127.0.0.1 2016-02-08 12:17:56.229 2735 INFO eventlet.wsgi.server [-] 127.0.0.1 - - [08/Feb/2016 12:17:56] "POST /v3/auth/tokens HTTP/1.1" 401 333 0.044855
Horizon logs as follow:
DEBUG:idm_logger:Creating a new internal keystoneclient connection to http://127.0.0.1:5000/v3. Unauthorized: The request you have made requires authentication. (HTTP 401) Traceback (most recent call last): File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/fiware_api/keystone.py", line 776, in _get_element_and_cache role = function(request, role) File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/fiware_api/keystone.py", line 801, in <lambda> request, basic, lambda req, n: internal_keystoneclient(req).roles.find(name=n)) File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/fiware_api/keystone.py", line 63, in internal_keystoneclient cache.set(CACHE_CLIENT, keystoneclient.session.get_token(), INTERNAL_CLIENT_CACHE_TIME) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/src/python-keystoneclient/keystoneclient/session.py", line 610, in get_token return (self.get_auth_headers(auth) or {}).get('X-Auth-Token') File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/src/python-keystoneclient/keystoneclient/session.py", line 589, in get_auth_headers return auth.get_headers(self, **kwargs) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/src/python-keystoneclient/keystoneclient/auth/base.py", line 114, in get_headers token = self.get_token(session) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/src/python-keystoneclient/keystoneclient/auth/identity/base.py", line 104, in get_token return self.get_access(session).auth_token File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/src/python-keystoneclient/keystoneclient/auth/identity/base.py", line 144, in get_access self.auth_ref = self.get_auth_ref(session) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/src/python-keystoneclient/keystoneclient/auth/identity/v3.py", line 127, in get_auth_ref authenticated=False, log=False, **rkwargs) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/src/python-keystoneclient/keystoneclient/session.py", line 488, in post return self.request(url, 'POST', **kwargs) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/src/python-keystoneclient/keystoneclient/utils.py", line 318, in inner return func(*args, **kwargs) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/src/python-keystoneclient/keystoneclient/session.py", line 389, in request raise exceptions.from_response(resp, method, url) Unauthorized: The request you have made requires authentication. (HTTP 401) Traceback (most recent call last): File "/usr/lib/python2.7/wsgiref/handlers.py", line 85, in run self.result = application(self.environ, self.start_response) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/local/lib/python2.7/site-packages/django/contrib/staticfiles/handlers.py", line 67, in __call__ return self.application(environ, start_response) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/local/lib/python2.7/site-packages/django/core/handlers/wsgi.py", line 187, in __call__ self.load_middleware() File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/local/lib/python2.7/site-packages/django/core/handlers/base.py", line 47, in load_middleware mw_instance = mw_class() File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/local/lib/python2.7/site-packages/django/middleware/locale.py", line 24, in __init__ for url_pattern in get_resolver(None).url_patterns: File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/local/lib/python2.7/site-packages/django/core/urlresolvers.py", line 365, in url_patterns patterns = getattr(self.urlconf_module, "urlpatterns", self.urlconf_module) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/local/lib/python2.7/site-packages/django/core/urlresolvers.py", line 360, in urlconf_module self._urlconf_module = import_module(self.urlconf_name) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/local/lib/python2.7/site-packages/django/utils/importlib.py", line 40, in import_module __import__(name) File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/urls.py", line 36, in <module> from openstack_dashboard.dashboards.idm_admin.user_accounts \ File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/dashboards/idm_admin/user_accounts/views.py", line 28, in <module> from openstack_dashboard.dashboards.idm_admin.user_accounts \ File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/dashboards/idm_admin/user_accounts/forms.py", line 195, in <module> class UpdateAccountForm(forms.SelfHandlingForm, UserAccountsLogicMixin): File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/dashboards/idm_admin/user_accounts/forms.py", line 202, in UpdateAccountForm choices=get_account_choices()) File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/dashboards/idm_admin/user_accounts/forms.py", line 172, in get_account_choices use_idm_account=True), File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/fiware_api/keystone.py", line 801, in get_basic_role request, basic, lambda req, n: internal_keystoneclient(req).roles.find(name=n)) File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/fiware_api/keystone.py", line 780, in _get_element_and_cache exceptions.handle(request) File "/home/dnaphone/Fiware-enablers/idm/horizon/horizon/exceptions.py", line 291, in handle messages.error(request, message or fallback) File "/home/dnaphone/Fiware-enablers/idm/horizon/horizon/messages.py", line 83, in error fail_silently=fail_silently) File "/home/dnaphone/Fiware-enablers/idm/horizon/horizon/messages.py", line 41, in add_message if not horizon_message_already_queued(request, message): File "/home/dnaphone/Fiware-enablers/idm/horizon/horizon/messages.py", line 28, in horizon_message_already_queued if request.is_ajax(): AttributeError: 'NoneType' object has no attribute 'is_ajax' [08/Feb/2016 11:17:56] "GET / HTTP/1.1" 500 59 DEBUG:idm_logger:Creating a new internal keystoneclient connection to http://127.0.0.1:5000/v3. Unauthorized: The request you have made requires authentication. (HTTP 401) Traceback (most recent call last): File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/fiware_api/keystone.py", line 776, in _get_element_and_cache role = function(request, role) File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/fiware_api/keystone.py", line 801, in <lambda> request, basic, lambda req, n: internal_keystoneclient(req).roles.find(name=n)) File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/fiware_api/keystone.py", line 63, in internal_keystoneclient cache.set(CACHE_CLIENT, keystoneclient.session.get_token(), INTERNAL_CLIENT_CACHE_TIME) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/src/python-keystoneclient/keystoneclient/session.py", line 610, in get_token return (self.get_auth_headers(auth) or {}).get('X-Auth-Token') File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/src/python-keystoneclient/keystoneclient/session.py", line 589, in get_auth_headers return auth.get_headers(self, **kwargs) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/src/python-keystoneclient/keystoneclient/auth/base.py", line 114, in get_headers token = self.get_token(session) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/src/python-keystoneclient/keystoneclient/auth/identity/base.py", line 104, in get_token return self.get_access(session).auth_token File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/src/python-keystoneclient/keystoneclient/auth/identity/base.py", line 144, in get_access self.auth_ref = self.get_auth_ref(session) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/src/python-keystoneclient/keystoneclient/auth/identity/v3.py", line 127, in get_auth_ref authenticated=False, log=False, **rkwargs) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/src/python-keystoneclient/keystoneclient/session.py", line 488, in post return self.request(url, 'POST', **kwargs) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/src/python-keystoneclient/keystoneclient/utils.py", line 318, in inner return func(*args, **kwargs) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/src/python-keystoneclient/keystoneclient/session.py", line 389, in request raise exceptions.from_response(resp, method, url) Unauthorized: The request you have made requires authentication. (HTTP 401) Traceback (most recent call last): File "/usr/lib/python2.7/wsgiref/handlers.py", line 85, in run self.result = application(self.environ, self.start_response) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/local/lib/python2.7/site-packages/django/contrib/staticfiles/handlers.py", line 67, in __call__ return self.application(environ, start_response) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/local/lib/python2.7/site-packages/django/core/handlers/wsgi.py", line 187, in __call__ self.load_middleware() File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/local/lib/python2.7/site-packages/django/core/handlers/base.py", line 47, in load_middleware mw_instance = mw_class() File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/local/lib/python2.7/site-packages/django/middleware/locale.py", line 24, in __init__ for url_pattern in get_resolver(None).url_patterns: File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/local/lib/python2.7/site-packages/django/core/urlresolvers.py", line 365, in url_patterns patterns = getattr(self.urlconf_module, "urlpatterns", self.urlconf_module) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/local/lib/python2.7/site-packages/django/core/urlresolvers.py", line 360, in urlconf_module self._urlconf_module = import_module(self.urlconf_name) File "/home/dnaphone/Fiware-enablers/idm/horizon/.venv/local/lib/python2.7/site-packages/django/utils/importlib.py", line 40, in import_module __import__(name) File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/urls.py", line 36, in <module> from openstack_dashboard.dashboards.idm_admin.user_accounts \ File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/dashboards/idm_admin/user_accounts/views.py", line 28, in <module> from openstack_dashboard.dashboards.idm_admin.user_accounts \ File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/dashboards/idm_admin/user_accounts/forms.py", line 195, in <module> class UpdateAccountForm(forms.SelfHandlingForm, UserAccountsLogicMixin): File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/dashboards/idm_admin/user_accounts/forms.py", line 202, in UpdateAccountForm choices=get_account_choices()) File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/dashboards/idm_admin/user_accounts/forms.py", line 172, in get_account_choices use_idm_account=True), File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/fiware_api/keystone.py", line 801, in get_basic_role request, basic, lambda req, n: internal_keystoneclient(req).roles.find(name=n)) File "/home/dnaphone/Fiware-enablers/idm/horizon/openstack_dashboard/fiware_api/keystone.py", line 780, in _get_element_and_cache exceptions.handle(request) File "/home/dnaphone/Fiware-enablers/idm/horizon/horizon/exceptions.py", line 291, in handle messages.error(request, message or fallback) File "/home/dnaphone/Fiware-enablers/idm/horizon/horizon/messages.py", line 83, in error fail_silently=fail_silently) File "/home/dnaphone/Fiware-enablers/idm/horizon/horizon/messages.py", line 41, in add_message if not horizon_message_already_queued(request, message): File "/home/dnaphone/Fiware-enablers/idm/horizon/horizon/messages.py", line 28, in horizon_message_already_queued if request.is_ajax(): AttributeError: 'NoneType' object has no attribute 'is_ajax'
Why I am not authorized to open the home page?
Thank you for the help.
ddrenjanac
commented
8 years ago Hi @harpreet-singh-bola
I had the same problem as you and did following:
1) locate local_settings.py file in ../horizon/openstack_dashboard/local
2) locate following lines in the local_settings.py file
IDM_USER_CREDENTIALS = { 'username': 'idm', \ 'password': '$$IDM_PASS',** 'project': 'idm', }
3) replace password with the password you entered during the keystone installation.
Hope this solves your problem as well.
Regards, Domagoj
harpreet-singh-bola
commented
8 years ago Thank you @ddrenjanac, this did the trick also for me!
Regards.
garcianavalon
commented
8 years ago fixed the typo in https://github.com/ging/fiware-idm/commit/93a84279c51d28c58242918b896bdc0efa3ee488
cp etc/keystone.conf.example etc/keystone.conf
Thanks for the report!
federicofdez
commented
8 years ago Seems to be solved.
Thanks again!
The application registration procedure in KeyRock is facing some problems. When we try to register an application no errors are returned and the step to configure roles (step 3) is directly skipped.
Application is created successfully but it is not possible to remove it, to change roles and permissions and I even can't see oAuth2 credentials.
First we discussed the problem here and then we decided to create the issue as no solution was found.
Here are the logs generated by KeyRock when registering an application:
[28/Jan/2016 13:51:39] "GET /idm/myApplications/create/ HTTP/1.1" 200 13742 CacheKeyWarning: Cache key contains characters that will cause errors if used with memcached: u":1:<role application_id="d59c43b160674fe6b28378f26c8d0746," id="807bcb009bb047a7b0611531b3167cd1," is_internal="True," links="{u'self':" u'http:="" 127.0.0.1:35357="" v3="" os-roles="" roles="" 807bcb009bb047a7b0611531b3167cd1'},="" name="purchaser">" WARNING:py.warnings:CacheKeyWarning: Cache key contains characters that will cause errors if used with memcached: u":1:<role application_id="d59c43b160674fe6b28378f26c8d0746," id="807bcb009bb047a7b0611531b3167cd1," is_internal="True," links="{u'self':" u'http:="" 127.0.0.1:35357="" v3="" os-roles="" roles="" 807bcb009bb047a7b0611531b3167cd1'},="" name="purchaser">" DEBUG:idmlogger:Application Test App created [28/Jan/2016 13:52:06] "POST /idm/myApplications/create/ HTTP/1.1" 302 0 [28/Jan/2016 13:52:06] "GET /idm/myApplications/5a852ce979af422dad557688c89e5043/step/avatar/ HTTP/1.1" 200 13302 DEBUG:idmlogger:Avatar for application 5a852ce979af422dad557688c89e5043 saved [28/Jan/2016 13:52:22] "POST /idm/myApplications/5a852ce979af422dad557688c89e5043/step/avatar/ HTTP/1.1" 302 0 [28/Jan/2016 13:52:22] "GET /idm/myApplications/5a852ce979af422dad557688c89e5043/step/roles/ HTTP/1.1" 302 0 [28/Jan/2016 13:52:22] "GET /home/ HTTP/1.1" 302 0 [28/Jan/2016 13:52:22] "GET /idm/ HTTP/1.1" 200 13753 [28/Jan/2016 13:52:22] "GET /filters/organizations?page=1&userid=idm HTTP/1.1" 200 322 [28/Jan/2016 13:52:22] "GET /filters/applications?page=1&userid=idm HTTP/1.1" 200 661Thank you, DNAPhone team.