First Last Prev Next    This bug is not in your last search results.
Bug 46563 - Upgrade to 4.3 breaks UMC with single-server SSO configured
Upgrade to 4.3 breaks UMC with single-server SSO configured
Status: RESOLVED DUPLICATE of bug 47241
Product: UCS
Classification: Unclassified
Component: SAML
UCS 4.3
Other Linux
: P5 normal (vote)
: ---
Assigned To: UCS maintainers
UCS maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-03-09 10:42 CET by Valentin Heidelberger
Modified: 2018-06-29 11:01 CEST (History)
5 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 5: Blocking further progress on the daily work
User Pain: 0.143
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Valentin Heidelberger univentionstaff 2018-03-09 10:42:17 CET 
Upgrading an UCS machine to 4.3 in AWS seems to break UMC. 

Steps to reproduce:

- Start 4.2 UCS instance in AWS
- Upgrade to 4.3
- UMC doesn't work anymore

I could not reproduce this on a KVM machine so far, so there seems to be something specific about AWS instances that comes into play here.

What I tried so far:
- restarting apache2, univention-management-console-server, univention-management-console-web-server
- reboot
- clearing browser data

The following errors are in /var/log/univention/management-console-web-server.log, when accessing the UMC on such an instance:

09.03.18 10:32:21.697  MAIN        ( ERROR   ) : Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/cherrypy/_cprequest.py", line 670, in respond
    response.body = self.handler()
  File "/usr/lib/python2.7/dist-packages/cherrypy/lib/encoding.py", line 217, in __call__
    self.body = self.oldhandler(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/cherrypy/_cperror.py", line 411, in __call__
    raise self
NotFound: (404, "The path '/portal/' was not found.")

09.03.18 10:32:22.064  MAIN        ( ERROR   ) : Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/cherrypy/_cprequest.py", line 670, in respond
    response.body = self.handler()
  File "/usr/lib/python2.7/dist-packages/cherrypy/lib/encoding.py", line 217, in __call__
    self.body = self.oldhandler(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/cherrypy/_cperror.py", line 411, in __call__
    raise self
NotFound: (404, "The path '/management/style.css' was not found.")

09.03.18 10:32:22.622  MAIN        ( ERROR   ) : Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/cherrypy/_cprequest.py", line 670, in respond
    response.body = self.handler()
  File "/usr/lib/python2.7/dist-packages/cherrypy/lib/encoding.py", line 217, in __call__
    self.body = self.oldhandler(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/cherrypy/_cperror.py", line 411, in __call__
    raise self
NotFound: (404, "The path '/login/main.js' was not found.")

09.03.18 10:32:22.728  MAIN        ( ERROR   ) : Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/cherrypy/_cprequest.py", line 670, in respond
    response.body = self.handler()
  File "/usr/lib/python2.7/dist-packages/cherrypy/lib/encoding.py", line 217, in __call__
    self.body = self.oldhandler(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/cherrypy/_cperror.py", line 411, in __call__
    raise self
NotFound: (404, "The path '/languages.json' was not found.")
Comment 1 Andreas Peichert univentionstaff 2018-03-09 14:08:12 CET 
Note: seems to be a problem with SAML in the AWS cloud formation integration.

Disabling the Apache configuration will make the UMC usable again
root@ucs-master:~# a2dissite univention-saml.conf
root@ucs-master:~# apachectl restart
Comment 2 Valentin Heidelberger univentionstaff 2018-03-09 17:12:21 CET 
The following SDB article is configured on the CFs that have problems with univention-saml.conf:

https://help.univention.com/t/configure-saml-single-sign-on-as-single-server-solution/6681
Comment 3 Erik Damrose univentionstaff 2018-03-12 14:04:11 CET 
See also: Bug 46447

I can verify this in an EC2 setting
Comment 4 Erik Damrose univentionstaff 2018-06-29 11:01:03 CEST 

*** This bug has been marked as a duplicate of bug 47241 ***
First Last Prev Next    This bug is not in your last search results.