[MGNLCAMPU-54] Can not push campaign after changes to superuser password Created: 10/Aug/16  Updated: 28/Feb/17  Resolved: 21/Feb/17

Status: Closed
Project: Campaign Publisher
Component/s: None
Affects Version/s: 1.0
Fix Version/s: None

Type: Bug Priority: Major
Reporter: Marcus Käppi Assignee: Oanh Thai Hoang
Resolution: Obsolete Votes: 0
Labels: None
Remaining Estimate: 0d
Time Spent: 0.5d
Original Estimate: 1d
Environment:

Magnolia 5.4.8.
Campaign publisher 1.0


Attachments: PNG File Screen Shot 2016-08-10 at 13.40.13.png     PNG File data-transfer-core.png    
Issue Links:
Relates
dependency
Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Bug DoR:
[ ]* Steps to reproduce, expected, and actual results filled
[ ]* Affected version filled
Date of First Response:

 Description   

When trying to push content via campaign publisher it works initially.
If anyone changes default password for superuser the push fails with
"authentication failure"



 Comments   
Comment by Marcus Käppi [ 10/Aug/16 ]

This error message is from the error log from the instance we are pushing from.


2016-08-10 13:43:02,022 | ERROR | http-nio-10.0.2.15-41680-exec-2 | info.magnolia.datatransfer.api.service.impl.DataTransferServiceImpl | Failed to push message<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta charset="utf-8" />
<title>Magnolia 5</title>
<meta name="description" content="" />
<meta name="author" content="Magnolia International AG" />
<meta name="viewport" content="user-scalable=1.0,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0">
<meta name="apple-mobile-web-app-capable" content="yes" />
<meta name="format-detection" content="telephone=no">
<meta http-equiv="cache-control" content="no-cache"/>
<meta http-equiv="pragma" content="no-cache"/>
<meta name="ctxPath" content=""/>
<link rel="stylesheet" type="text/css" media="screen" href="/.resources/defaultMagnoliaLoginForm/css/reset.css" />
<link rel="stylesheet" type="text/css" media="screen" href="/.resources/defaultMagnoliaLoginForm/css/login.css" />
<link rel="stylesheet" type="text/css" href="/.resources/defaultMagnoliaLoginForm/css/fonts.css" />
<link rel="shortcut icon" type="image/ico" href="/.resources/defaultMagnoliaLoginForm/img/favicon.ico" />
</head>
<body>
<div id="content" style="top: 60px;">
<div id="login" class="login-panel" style="display: block; opacity: 1; -webkit-transition: all 0s cubic-bezier(0.25, 0.1, 0.25, 1);" >
<div class="header">
<div class="tag-line">
</div>
</div>

<form id="loginForm" action="" method="post" class="mgnl-form">
<div id="login-divet" class="divet"></div>
<div style="height:28px;"></div>
<label for="login-username">user name</label>
<input type="text" value="" id="login-username" name="mgnlUserId" tabindex="1" autofocus autocorrect="off" autocapitalize="off">
<br class="float-clear"/>
<label for="login-password">password</label>
<input type="password" id="login-password" value="" name="mgnlUserPSWD" tabindex="2"><br class="float-clear"/>
<div>
<button class="btn-submit" id="login-button" style="float:right;" tabindex="3">login</button>
</div>
<br class="float-clear" />
</form>
</div>
<div id="footer">
Magnolia is a registered trademark of Magnolia International Ltd.
<br/>
© Copyright 2003-2016
<a href="http://www.magnolia-cms.com" id="externallink" target="_blank">Magnolia International Ltd.</a>
</div>
<script type="text/javascript">
document.ontouchmove = function(e)

{ e.preventDefault(); }
var username = document.getElementById('login-username')
var password = document.getElementById('login-password')
function removeErrorClass() { this.removeAttribute('class')}
//username.onfocus = function(e){ e.preventDefault(); }

username.onblur = removeErrorClass
password.onblur = removeErrorClass
</script>
</div>
</body>
</html>


It is the instance that we are pushing to that the password for superuser is changed.

Comment by Viet Nguyen [ 11/Aug/16 ]

Dear Marcus Käppi,

We are glad to hearing from you and thanks for your reported issue. We also got the confirmation from your team regarding

Changing back to original password then contents could be published gain.

We will start investigating the issue and provide you with any updated information as soon as we have.
FYI: Could you please consider creating SUPPORT ticket in our SUPPORT space on Jira to get timely response and best attention from our Customer support staffs. We will also open module tickets for bug fixing and inform you about any changes/updates accordingly. Within scope of this issue, I will try to open a SUPPORT ticket and inform you with any change and update that we have.

Have a good day!
Viet Nguyen

Comment by Viet Nguyen [ 12/Aug/16 ]

Dear Marcus,

I tried to reproduce your issue on Magnolia 5.4.8 using Campaign Publisher module version 1.0 but the issue does not appear. Could you please help us with more information regarding how did you build your environment as well as specific configuration from your side so that we can reproduce the issue here and will help you on fixing it.

Regards,
Viet

Comment by Marcus Käppi [ 07/Sep/16 ]

Hi!

The error is really there according to our users. They even published a video to show it.
https://www.youtube.com/watch?v=4XbDBDtPNDQ

Comment by Marcus Käppi [ 07/Sep/16 ]

The Version is the latest 0.67 lightdev for telia and Magnolia 5.4.8.
https://wiki.magnolia-cms.com/display/VN/Release+Notes+for+Telia+0.67

Comment by Oanh Thai Hoang [ 08/Sep/16 ]

Hi buf481

This is not a bug. This is a normal mechanism that works at very first release.

The transferUser is configured at receiver instance to do some special tasks for system such as import task.

Here is the configured path /modules/data-transfer-core/config/transferUser.
Here is setup guide
Here is image example https://wiki.magnolia-cms.com/display/VN/Installation+and+configuration+guide?preview=/104235220/104235226/config%20core.png#Installationandconfigurationguide-DefaultconfigurationforDatatransfer, can found in Installation and configuration guide

In your case, at target author instance, please enter to /modules/data-transfer-core/config/transferUser and change password to superuser123

Regards,
Oanh Thai

Comment by Marcus Käppi [ 08/Sep/16 ]

Thanks for the clarification.
However there is another problem in this. It is not allowed to have the password in plain sight.
We have a wish list on that issue:
1. Make the password hidden by ••••••• or something similar.
2. Instead of user/password it should be based on role.

We can figure that the second request is more job to implement, but the
first request are fairly simple.

Should I write a new jira for this?

Comment by Oanh Thai Hoang [ 08/Sep/16 ]

Hi buf481

Thanks for your reply.

Regarding option 2:

2. Instead of user/password it should be based on role.

I think we can't base on role. Because this user is also used for authenticated in receiver instance, we can't use role to authenticate . By the way, the configured user does not need the role superuser, he just need role campaign-import

Regarding option 1:

1. Make the password hidden by ••••••• or something similar.

Our solution is adding new action in Data transfer app and we can click to action and configure user in there but the data of user still kept in old path /modules/data-transfer-core/config/transferUser and of course it will be encoded.

I will create jira for option 1.

Regards,
Oanh Thai

Comment by Oanh Thai Hoang [ 08/Sep/16 ]

Ticket MGNLDATATR-123 has just been created.

Comment by Marcus Käppi [ 08/Sep/16 ]

option with role-setting would be possible but requires design changes.
But we can live with hidden password option.

Generated at Sun Feb 11 23:56:58 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.