GUI gets stuck after login with wrong password

[fansari]

ISSUE TYPE

• Bug Report

COMPONENT NAME

UI

CLOUDSTACK VERSION

4.19.0.0

CONFIGURATION

N/A

OS / ENVIRONMENT

N/A

SUMMARY

When I login once with wrong password to the WebGUI the login gets stuck.

A reload of the page does not help.

I need to clear my browser cache and after this it is working again.

Tested with Chrome, Edge and Firefox.

STEPS TO REPRODUCE

Login with a local user to the WebGUI and enter a wrong password.

EXPECTED RESULTS

I expect an error message when I login with a wrong password.

Also the WebGUI should still be responding after this.

ACTUAL RESULTS

The login is stuck. You don't get the login page again until you clear the cache of your web browser.

[boring-cyborg]

Thanks for opening your first issue here! Be sure to follow the issue template!

[StepBee]

To bring some more details into the issue.
The issue occurs when

• providing a valid username and domain but an invalid password

The issue does not occur, when providing an invalid username or domain.

The browser is submitting the correct api command post request (command: login with credentials) but never receives a reply.

The Management Server is throwing an error.
In our production environment and in this test environment OAuth2 is not configured.
For the log below, the user "admin" is the default local "admin" user.

Error is:
"unknown exception writing api response
com.cloud.utils.exception.CloudRuntimeException: OAuth2 authentication provider name is empty"
The browser never receives a reply because of the unknown exception.

2024-05-27 12:16:18,426 DEBUG [c.c.a.ApiServlet] (qtp201719260-14:ctx-5a6e8645) (logid:6cfc2e62) ===START===  192.168.2.119 -- GET  command=logout&response=json
2024-05-27 12:16:18,427 DEBUG [c.c.a.ApiServlet] (qtp201719260-3270:ctx-444262d9) (logid:6e355549) ===START===  192.168.2.119 -- POST
2024-05-27 12:16:18,430 DEBUG [c.c.a.ApiServlet] (qtp201719260-14:ctx-5a6e8645) (logid:6cfc2e62) ===END===  192.168.2.119 -- GET  command=logout&response=json
2024-05-27 12:16:18,431 DEBUG [c.c.a.ApiSessionListener] (qtp201719260-3270:ctx-444262d9) (logid:6e355549) Session created by Id : node0k9hmo8u8zlu91k1vbb8dtqeyk5 , session: Session@1363043a{id=node0k9hmo8u8zlu91k1vbb8dtqeyk5,x=node0k9hmo8u8zlu91k1vbb8dtqeyk5.node0,req=1,res=true} , source: Session@1363043a{id=node0k9hmo8u8zlu91k1vbb8dtqeyk5,x=node0k9hmo8u8zlu91k1vbb8dtqeyk5.node0,req=1,res=true} , event: javax.servlet.http.HttpSessionEvent[source=Session@1363043a{id=node0k9hmo8u8zlu91k1vbb8dtqeyk5,x=node0k9hmo8u8zlu91k1vbb8dtqeyk5.node0,req=1,res=true}]
2024-05-27 12:16:18,448 DEBUG [c.c.u.AccountManagerImpl] (qtp201719260-3270:ctx-444262d9) (logid:6e355549) Attempting to log in user: admin in domain 1
2024-05-27 12:16:18,454 DEBUG [o.a.c.s.a.PBKDF2UserAuthenticator] (qtp201719260-3270:ctx-444262d9) (logid:6e355549) Retrieving user: admin
2024-05-27 12:16:19,286 DEBUG [o.a.c.a.SHA256SaltedUserAuthenticator] (qtp201719260-3270:ctx-444262d9) (logid:6e355549) Retrieving user: admin
2024-05-27 12:16:19,291 WARN  [o.a.c.a.SHA256SaltedUserAuthenticator] (qtp201719260-3270:ctx-444262d9) (logid:6e355549) The stored password for admin isn't in the right format for this authenticator
2024-05-27 12:16:19,292 DEBUG [o.a.c.a.MD5UserAuthenticator] (qtp201719260-3270:ctx-444262d9) (logid:6e355549) Retrieving user: admin
2024-05-27 12:16:19,299 DEBUG [o.a.c.a.MD5UserAuthenticator] (qtp201719260-3270:ctx-444262d9) (logid:6e355549) Password does not match
2024-05-27 12:16:19,299 DEBUG [o.a.c.l.LdapAuthenticator] (qtp201719260-3270:ctx-444262d9) (logid:6e355549) Retrieving ldap user: admin
2024-05-27 12:16:19,308 DEBUG [o.a.c.s.SAML2UserAuthenticator] (qtp201719260-3270:ctx-444262d9) (logid:6e355549) Trying SAML2 auth for user: admin
2024-05-27 12:16:19,315 DEBUG [o.a.c.s.SAML2UserAuthenticator] (qtp201719260-3270:ctx-444262d9) (logid:6e355549) Unable to find user with admin in domain 1, or user source is not SAML2
2024-05-27 12:16:19,315 DEBUG [o.a.c.o.OAuth2UserAuthenticator] (qtp201719260-3270:ctx-444262d9) (logid:6e355549) Trying OAuth2 auth for user: admin
2024-05-27 12:16:19,326 ERROR [c.c.a.ApiServlet] (qtp201719260-3270:ctx-444262d9) (logid:6e355549) unknown exception writing api response
com.cloud.utils.exception.CloudRuntimeException: OAuth2 authentication provider name is empty
	at org.apache.cloudstack.oauth2.OAuth2AuthManagerImpl.getUserOAuth2AuthenticationProvider(OAuth2AuthManagerImpl.java:105)
	at org.apache.cloudstack.oauth2.OAuth2UserAuthenticator.authenticate(OAuth2UserAuthenticator.java:65)
	at com.cloud.user.AccountManagerImpl.getUserAccount(AccountManagerImpl.java:2656)
	at com.cloud.user.AccountManagerImpl.authenticateUser(AccountManagerImpl.java:2494)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:344)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:198)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
	at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:97)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:215)
	at com.sun.proxy.$Proxy124.authenticateUser(Unknown Source)
	at com.cloud.api.ApiServer.loginUser(ApiServer.java:1132)
	at com.cloud.api.auth.DefaultLoginAPIAuthenticatorCmd.authenticate(DefaultLoginAPIAuthenticatorCmd.java:156)
	at com.cloud.api.ApiServlet.processRequestInContext(ApiServlet.java:252)
	at com.cloud.api.ApiServlet$1.run(ApiServlet.java:149)
	at org.apache.cloudstack.managed.context.impl.DefaultManagedContext$1.call(DefaultManagedContext.java:55)
	at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.callWithContext(DefaultManagedContext.java:102)
	at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.runWithContext(DefaultManagedContext.java:52)
	at com.cloud.api.ApiServlet.processRequest(ApiServlet.java:146)
	at com.cloud.api.ApiServlet.doPost(ApiServlet.java:105)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:665)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:750)
	at org.eclipse.jetty.servlet.ServletHolder$NotAsync.service(ServletHolder.java:1450)
	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799)
	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:554)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:600)
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)
	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)
	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)
	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1440)
	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)
	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:505)
	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594)
	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)
	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1355)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
	at org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:772)
	at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:146)
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
	at org.eclipse.jetty.server.Server.handle(Server.java:516)
	at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:487)
	at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:732)
	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:479)
	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)
	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)
	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)
	at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
	at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409)
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)
	at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)
	at java.base/java.lang.Thread.run(Thread.java:829)
2024-05-27 12:16:19,332 DEBUG [c.c.a.ApiServlet] (qtp201719260-3270:ctx-444262d9) (logid:6e355549) ===END===  192.168.2.119 -- POST

[vishesh92]

Closing as duplicate of #8662