User login with REST-API is not working
Issue
Running the command logon via REST API failed, it is not possible to login, login via User portal works
REST-API call
POST /ovirt-engine/api/vms/123/logon
VmLogonVDSCommandParameters:{runAsync='true', hostId='1b2646b8-ca76-4574-25cd-174c2720711f', vmId='b00ead14-fxa1-4918-2b21-49f5b456ecd1', domain='test', password='null', userName='user@test@test'})
engine.log
2017-04-03 12:48:56,803 ERROR [org.ovirt.engine.core.bll.VmLogonCommand] (default task-21) [54638c4c] Command 'org.ovirt.engine.core.bll.VmLogonCommand' failed: invalid_scope: The requested scope '[ovirt-ext=token:password-access]' is invalid, unknown, malformed, or exceeds the scope granted by the resource owner.
2017-04-03 12:48:56,803 ERROR [org.ovirt.engine.core.bll.VmLogonCommand] (default task-21) [54638c4c] Exception: java.lang.RuntimeException: invalid_scope: The requested scope '[ovirt-ext=token:password-access]' is invalid, unknown, malformed, or exceeds the scope granted by the resource owner.
at org.ovirt.engine.core.aaa.filters.FiltersHelper.isStatusOk(FiltersHelper.java:69) [aaa.jar:]
at org.ovirt.engine.core.aaa.SsoUtils.getPassword(SsoUtils.java:90) [aaa.jar:]
REST-API calls
1.2.3.4 - - [03/Apr/2017:09:53:37 -0400] "POST /ovirt-engine/api/vms/1a2ab41f-4b41-4840-9e60-64cea2284ba1/logon HTTP/1.1" 400 229
127.0.0.1 - - [03/Apr/2017:12:48:55 -0400] "POST /ovirt-engine/sso/oauth/token-info HTTP/1.1" 200 928
1.2.3.4 - - [03/Apr/2017:12:48:55 -0400] "GET /ovirt-engine/api/vms/b11ead94-f1a1-2918-bb26-4965b156ecd1 HTTP/1.1" 200 7710
127.0.0.1 - - [03/Apr/2017:12:48:55 -0400] "POST /ovirt-engine/sso/oauth/token HTTP/1.1" 200 225
Environment
- Red Hat Virtualization 4.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.