[JBoss JIRA] (JBIDE-15830) openshift-java-client: incompatibility with OpenShift Enterprise and Origin when using the remote-user authentication plugin

Wednesday, 13 November 2013

    [
https://issues.jboss.org/browse/JBIDE-15830?page=com.atlassian.jira.plugi...
] 

Andre Dietisheim edited comment on JBIDE-15830 at 11/13/13 11:34 AM:
---------------------------------------------------------------------

The useragent is set via a properties file:

{code:title=RestService (constructor)}
setupClient(properties.getUseragent(clientId), protocolVersion, acceptedMediaType,
client);
{code}

The properties file that shipped with the client library has the useragent that we're
using in OpenShift. The properties file allows the maven build to substitute the plugin
version in the user-agent:

{code:title=src\/main\/resources\/restservice.properties}
useragent=Java OpenShift REST/{0} ({1})
{code}

To my current understanding you should be able to override the user-agent by providing
your own restservice.properties.
This would then in turn allow us to remove the magic code (discussed above) that mangles
the useragent when keys are present.

      was (Author: adietish):
    The useragent is set via a properties file:

{code:title=RestService (constructor)}
setupClient(properties.getUseragent(clientId), protocolVersion, acceptedMediaType,
client);
{code}

The properties file that shipped with the client library has the useragent that we're
using in OpenShift. The properties file allows the maven build to substitute the plugin
version in the user-agent:

{code:src/main/resources/restservice.properties}
useragent=Java OpenShift REST/{0} ({1})
{code}

To my current understanding you should be able to override the user-agent by providing
your own restservice.properties.
This would then in turn allow us to remove the magic code (discussed above) that mangles
the useragent when keys are present.

...
 openshift-java-client: incompatibility with OpenShift Enterprise and
Origin when using the remote-user authentication plugin

----------------------------------------------------------------------------------------------------------------------------

                 Key: JBIDE-15830
                 URL: https://issues.jboss.org/browse/JBIDE-15830
             Project: Tools (JBoss Tools)
          Issue Type: Bug
          Components: openshift
    Affects Versions: 4.1.1.Beta1
            Reporter: Brenton Leanhardt
            Assignee: Andre Dietisheim
              Labels: openshift-java-client
             Fix For: 4.1.1.CR1, 4.2.0.Alpha1

 OpenShift Enterprise and Origin both ship an authentication plugin that allows parts of
authentication to be handled by Apache and other parts to be delegated to the
openshift-origin-controller codebase.  I've found that all versions of
openshift-java-client after 2.3.0.Final change a (poorly documented) requirement for the
OpenShift remote-user plugin.
 In order for a request to bypass the Apache authentication and passthrough to the
OpenShift Broker the user-agent header is inspected.  If the user-agent is
'OpenShift' then the Broker will require an encrypted authentication token.  Today
this is used by the jenkins cartridge but I believe it's also still used for scaling.
 You can see this for details:

https://github.com/openshift/origin-server/blob/master/documentation/arch...
 In 2.3.0.Final of the openshift-java-client the user-agent was 'OpenShift'
however all versions after this set the user-agent to the java version (eg, User-Agent:
Java/1.7.0_45). 
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006