[one-users] Sunstone expired token issue using x509
Emmanuel Mathot
emmanuel.mathot at gmail.com
Wed Nov 16 08:32:09 PST 2011
Hello,
I configured (a bit painfully but successfully) all the authentication mechanism with X509 either from CLI or sunstone (SSL proxy).
Unfortunately from the cloud operations center, the token generated by sunstone (not sure) does not last very long and after a very short time (2min?), it is necessary to reload the page from the browser in order to recreate a token.
oned.log:
Wed Nov 16 17:32:35 2011 [AuM][D]: Message received: AUTHENTICATE FAILURE 668 login token expired
Wed Nov 16 17:32:35 2011 [AuM][E]: Auth Error: login token expired
Wed Nov 16 17:32:35 2011 [ReM][E]: [HostPoolInfo] User couldn't be authenticated, aborting call.
Wed Nov 16 17:32:47 2011 [ReM][D]: ImagePoolInfo method invoked
Wed Nov 16 17:32:47 2011 [AuM][D]: Message received: LOG I 669 Command execution fail: /var/lib/one/remotes/auth/server/authenticate emathot <DN> <token>
Wed Nov 16 17:32:47 2011 [AuM][I]: Command execution fail: /var/lib/one/remotes/auth/server/authenticate emathot <DN> <token>
Wed Nov 16 17:32:47 2011 [AuM][D]: Message received: LOG E 669 login token expired
Wed Nov 16 17:32:47 2011 [AuM][I]: login token expired
Wed Nov 16 17:32:47 2011 [AuM][D]: Message received: LOG I 669 ExitCode: 255
Is there any way to increase this token expiration time?
Regards,
Emmanuel Mathot
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1627 bytes
Desc: not available
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20111116/90ad3b93/attachment-0002.bin>
More information about the Users
mailing list