Juniper Openstack

[R4.1 ubuntu16 ]able to access alarms opserver introsspect with out authentication

Bug #1714751 reported by aswani kumar on 2017-09-03

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Juniper Openstack	Status tracked in Trunk
	Trunk	Fix Committed	Medium	Megh Bhatt	Juniper Openstack r4.1.0.0-fcs "r4.1"

Bug Description

R4.1 build 41 newton ubuntu16

with cloud admin enabled it should not allow to access opserver analytics without authentication

but i am able to access alarms page
http://nodea34:8081/analytics/alarms
{
analytics-node: [ ],
vrouter: [ ]
}

Its working fine with other objects

http://nodea34:8081/analytics/tables
Authentication required

http://nodea34:8081/analytics/queries
Authentication required

Tags:

aswani kumar (aswanikumar90) on 2017-09-03

tags:	added: analytics
tags:	added: sanity

Sudheendra Rao (sudheendra-k) on 2017-09-07

tags:

added: blocker

Rudra Rugge (rrugge) on 2017-09-08

tags:

removed: sanity

Revision history for this message

Megh Bhatt (meghb) wrote on 2017-09-08:

Issue is only related to returning empty lists, no alarms are actually returned, hence moving to medium

Revision history for this message

OpenContrail Admin (ci-admin-f) wrote on 2017-09-08: [Review update] master

Review in progress for https://review.opencontrail.org/35409
Submitter: Megh Bhatt (<email address hidden>)

Sudheendra Rao (sudheendra-k) on 2017-09-11

tags:

added: sanityblocker
removed: blocker

Revision history for this message

OpenContrail Admin (ci-admin-f) wrote on 2017-09-11: A change has been merged

Reviewed: https://review.opencontrail.org/35409
Committed: http://github.com/Juniper/contrail-controller/commit/81a39b3efdc9c43222c21e7b66424a3b2e19df5b
Submitter: Zuul (<email address hidden>)
Branch: master

commit 81a39b3efdc9c43222c21e7b66424a3b2e19df5b
Author: Megh Bhatt <email address hidden>
Date: Fri Sep 8 14:09:06 2017 -0700

Fix listing of alarms returned by contrail-analytics-api

The URL analytics/alarms was returning empty list of alarms
even when user did not pass in a auth token and the contrail-analytics-api
was running with aaa_mode set to cloud-admin or rbac. Fix this by
adding a check for auth token to be present in these cases.

Change-Id: I29b26ac9086998150330a67ccae594d7b6e045d7
Closes-Bug: #1714751

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.