yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1794710] Re: WebSSO initial redirect 404s

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <1794710@xxxxxxxxxxxxxxxxxx>
Date: Sat, 10 Nov 2018 21:05:24 -0000
Reply-to: Bug 1794710 <1794710@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Reviewed:  https://review.openstack.org/611387
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=1953c689e86ecdf131b4cf176bf4ff47b53493cf
Submitter: Zuul
Branch:    master

commit 1953c689e86ecdf131b4cf176bf4ff47b53493cf
Author: Radomir Dopieralski <rdopiera@xxxxxxxxxx>
Date:   Wed Oct 17 18:44:21 2018 +0200

    Properly calculate auth_url for WEBSSO from POST data
    
    The redirect for WEBSSO takes its data directly from the request's
    POST data, and the format of that data has changed, so now we need
    to convert it for it to work correctly.
    
    Change-Id: I5b18e555a9bc6b24be1e59465f07e73e99739e22
    closes-bug: #1794710


** Changed in: horizon
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1794710

Title:
  WebSSO initial redirect 404s

Status in OpenStack Dashboard (Horizon):
  Fix Released

Bug description:
  On current master of horizon, when WebSSO is configured, after
  selecting the SSO auth method from the "Authenticate Using" dropdown
  menu, instead of redirecting to the configured identity provider,
  horizon redirects to /dashboard/auth/login/default/auth/OS-
  FEDERATION/websso/mapped and then 404s.

  git bisect shows that this is the commit that introduced the bug:
  https://review.openstack.org/593650

  stable/rocky works fine.

  Steps to reproduce
  ------------------

  Configure horizon with:

   WEBSSO_ENABLED = True
   WEBSSO_CHOICES = (("credentials", _("Keystone Credentials")), ("mapped", _("External Authentication Service")),)
   DEBUG = True

  In the dropdown menu on the login screen, select "External
  Authentication Service"

  Expected behavior
  -----------------

  Horizon should redirect to the configured identity provider for the
  keystone federation protocol named "mapped". If you have not fully set
  up federation in keystone, keystone should return a 401.

  Actual behavior
  ---------------

  Horizon returns a 404 with this message:

  Using the URLconf defined in openstack_dashboard.urls, Django tried
  these URL patterns, in this order:

  ^$ [name='splash']
  ^api/
  ^header/
  ^home/$ [name='user_home']
  ^i18n/js/(?P<packages>\S+?)/$ [name='jsi18n']
  ^i18n/setlang/$ [name='set_language']
  ^i18n/
  ^jasmine-legacy/$ [name='jasmine_tests']
  ^jasmine/.*?$
  ^settings/
  ^identity/
  ^admin/
  ^project/
  ^ngdetails/ [name='ngdetails']
  ^auth/ ^login/$ [name='login']
  ^auth/ ^logout/$ [name='logout']
  ^auth/ ^switch/(?P<tenant_id>[^/]+)/$ [name='switch_tenants']
  ^auth/ ^switch_services_region/(?P<region_name>[^/]+)/$ [name='switch_services_region']
  ^auth/ ^switch_keystone_provider/(?P<keystone_provider>[^/]+)/$ [name='switch_keystone_provider']
  ^auth/ ^websso/$ [name='websso']
  ^auth/ ^error/$
  ^dashboard\/static\/(?P<path>.*)$
  ^dashboard\/media\/(?P<path>.*)$
  ^500/$
  The current path, auth/login/default/auth/OS-FEDERATION/websso/mapped, didn't match any of these.

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1794710/+subscriptions

References

[Bug 1794710] [NEW] WebSSO initial redirect 404s
From: Colleen Murphy, 2018-09-27