Comments (11)
from xipki.
As in the ca*.log,
... INFO: CaManagerQueryExecutor.addUser() added user 'vnfpsi'
... ERROR: HttpMgmtServlet.doPost() CaMgmtException: ...: user 'vnfpsi ' does not exist
in the command causer-add, an extra space of the use name is added. Thus the CA cannot find the user.
from xipki.
We are not adding space after username.
This was the command executed:
#ca:user-add --name vnfpsi
One more observation:
If we try add a same user twice, space is seen after the username in the error returned:
karaf@root()> ca:user-add --name san
Password:*****
added user san
karaf@root()> ca:user-add --name san
Password:*****
Error executing command: could not add user san, error: user named 'san ' already exists
from xipki.
In the log file, the space after the real user name is appended by the log. (This is a bug).
In you case, you first execute ca:use-add
to add the user to the user table in the database, then execute ca:causer-add
to bind a user with a given CA.
According to the ca*.log, the error occurred in the command ca:causer-add
, the CA can not find the user added before.
My questions here are:
- Is this error reproducable? Does it happen to all causer-add commands, or only 1 of x executions?
- Once this error occurs, please check the database whether the table TUSER contains this user?
from xipki.
1.Is this error reproducable? Does it happen to all causer-add commands, or only 1 of x executions?
As in the above attached karaf.log you can see 5 instances of this error being reproduced, it doesn't happen every time add user is triggered, but sporadically this issue can be seen.
2.Once this error occurs, please check the database whether the table TUSER contains this user?
when this issue occurs, user is present in database.
from xipki.
From the ca*.log, I can find the following log lines:
2023.06.22-08:49:32.994 ... -1 INFO: CaManagerQueryExecutor.addUser() added user 'vnfpsi'
2023.06.22-08:49:33.278 ...-10 INFO: CaManagerQueryExecutor.addUserToCa() added user '(id=27, name=vnfpsi)' to CA '(id=1, name=ztsauto3)': permission: 511; profile: all
2023.06.22-11:30:28.772 ...-7 INFO: CaManagerQueryExecutor.addUser() added user 'vnfpsi'
2023.06.22-11:30:28.965 ...-8 ERROR: HttpMgmtServlet.doPost() CaMgmtException: org.xipki.ca.api.mgmt.CaMgmtException: user 'vnfpsi ' does not exist
2023.06.22-11:36:14.328 ...-5 ERROR: HttpMgmtServlet.doPost() CaMgmtException: org.xipki.ca.api.mgmt.CaMgmtException: could not remove vnfpsi from CA ztsauto3
2023.06.22-11:54:00.672 ...-5 INFO: CaManagerQueryExecutor.addUser() added user 'vnfpsi'
2023.06.22-11:54:00.971 ...-9 INFO: CaManagerQueryExecutor.addUserToCa() added user '(id=36, name=vnfpsi)' to CA '(id=1, name=ztsauto3)': permission: 511; profile: all
2023.06.22-13:33:32.571 ...-7 INFO: CaManagerQueryExecutor.addUser() added user 'vnfpsi'
2023.06.22-13:33:32.777 ...-1 INFO: CaManagerQueryExecutor.addUserToCa() added user '(id=38, name=vnfpsi)' to CA '(id=1, name=ztsauto3)': permission: 511; profile: all
The user vnfpsi
was added multiple times. 1) Did you remove the user before adding it again? 2) Do you use cluster of databases?
from xipki.
-
Did you remove the user before adding it again?
yes! you can find it in the karaf.log and ca*.log logs for every corresponding add user triggered with same name , deletion of user has been triggered every time beforehand.
-
Do you use cluster of databases?
yes! we use mariadb with master-slave mode. There is 1 master and 2 slaves. Xipiki application performs read/write to mariadb via maxscale service.
from xipki.
Xipki is checking for if user exists while add user is triggered , it's clearly showing user doesn't exist and it has thrown error instead of adding the user. If user doesn't exist, it should add the user instead of throwing error. It seems like some issue with error handling, can this be an improvement?
from xipki.
@xipki , can you please provide some update for this issue?
from xipki.
According to the log, the command user-add
finished successfully. But the command causer-add
failed. Since you use cluster, one reason may be the database instances do not have the same dataset. The user has been added to the table TUSER
of one instance, but you try to read data from other database instance which does not contain the user just added.
So once you get the error in the command causer-add
, try to execute it again after several seconds. If this error still occurs, try then the command ca:user-info
. If you get error that the user does not exist, try to check all clustered instances whether the given user exists in the table TUSER
.
from xipki.
Close this issue due to inactivity. Please re-open if needed.
from xipki.
Related Issues (20)
- ocsp.json, OCSP HOT 2
- CSR - Server Error 500
- Facing errror while initialising ca schema HOT 5
- The assemblies artifacts were not pushed to central for 6.4.0 HOT 3
- could not remove user <>, error: remote management is not permitted to the client without valid certificate HOT 6
- REST gateway CA can't be selected through URL
- Unable to import database to xipki:6.3.0 from 5.3.15 HOT 15
- Error while generating cert.der in xipki: 6.3.0v HOT 4
- Error while changing ca with new masterpassword. v6.3.0 HOT 4
- NullPointerException in cmp gateway using xi:cmp-update-p12 because no profile is set. HOT 4
- v6.4.0: Exception in ca-server SdkResponder while updating an existing certificate HOT 1
- Unable to adduser HOT 11
- do you have an example of ocsp client call server HOT 4
- Considerations on update and renewal in CMP HOT 6
- In xipki-6.5.1, cert does not get generated with SAN configuration HOT 4
- Ibm QradarDLC certificate apply error HOT 5
- Request support to configure CA_URL HOT 2
- Unable to revoke certs in Xipki:6.5.1
- Unable to add CA HOT 1
- server returns 500 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from xipki.