Update password on existing user after upgraded to 3.6.0
66 views
Skip to first unread message
Carl Hörberg
Feb 11, 2016, 10:29:26 PM2/11/16
to rabbitmq-users
Create a RabbitMQ 3.5.7 server. Create a user and set a password. Upgrade the server to 3.6.0. Change the password of the user. Try to login with the new password. Result: The password is invalid. Workaround: Delete the user and recreate it with the same user.
Michael Klishin
Feb 12, 2016, 6:51:59 AM2/12/16
to rabbitm...@googlegroups.com, Carl Hörberg
I'm not sure if this is still relevant after https://github.com/rabbitmq/rabbitmq-management/issues/117
but we will take a look.
--
MK
Staff Software Engineer, Pivotal/RabbitMQ
Michael Klishin
Feb 12, 2016, 7:04:42 AM2/12/16
to rabbitm...@googlegroups.com, Carl Hörberg
On 12 February 2016 at 14:51:53, Michael Klishin (mkli...@pivotal.io) wrote:
> Thanks, this was reported once already, so there is an issue
> for that.
> I'm not sure if this is still relevant after https://github.com/rabbitmq/rabbitmq-management/issues/117
> but we will take a look.
Hm, so according to your report this does not involve `rabbitmqadmin` or definitions export, correct?
> Thanks, this was reported once already, so there is an issue
> for that.
> I'm not sure if this is still relevant after https://github.com/rabbitmq/rabbitmq-management/issues/117
> but we will take a look.
Carl Hörberg
Feb 12, 2016, 8:20:09 AM2/12/16
to Michael Klishin, rabbitm...@googlegroups.com
No, tried to change password with both the mgmt interface (the HTTP API) and via rabbitmqctl
Michael Klishin
Feb 12, 2016, 8:36:01 AM2/12/16
to rabbitm...@googlegroups.com, Carl Hörberg
On 12 February 2016 at 16:20:05, Carl Hörberg (ca...@cloudamqp.com) wrote:
> Create a RabbitMQ 3.5.7 server. Create a user and set a password.
> Upgrade the server to 3.6.0. Change the password of the user.
> Try to login with the new password. Result: The password is invalid.
> Workaround: Delete the user and recreate it with the same user.
I can't reproduce with the following steps:
> Create a RabbitMQ 3.5.7 server. Create a user and set a password.
> Upgrade the server to 3.6.0. Change the password of the user.
> Try to login with the new password. Result: The password is invalid.
> Workaround: Delete the user and recreate it with the same user.
* Start a 3.5.7 node, add a user server-623 with password "server-623"
* Tag the user as administrator
* Stop the node, copy its database directory to /tmp/3.5.7
* Start a 3.6.x node with RABBITMQ_MNESIA_DIR=/tmp/3.5.7
* List users with `ets:tab2list(rabbit_user).`
* Change password with rabbitmqctl change_password server-623 server-623-new
* Try authenticating with `rabbitmqctl authenticate_user server-623 server-623-new` (it succeeds)
* Try authenticating with `rabbitmqctl authenticate_user server-623 server-623` (it fails)
Are the steps I take different from yours?
Michael Klishin
Feb 12, 2016, 8:49:10 AM2/12/16
to rabbitm...@googlegroups.com, Carl Hörberg
https://github.com/rabbitmq/rabbitmq-server/commit/f1f28eac1bc955580bbead82721d75c45e69999d
which was a part of https://github.com/rabbitmq/rabbitmq-management/issues/117
and seems to fix the issue by updating password hashing module in the user
record.
Carl, can you please try with 3.6.1 RC1 or a nightly build?
Carl Hörberg
Feb 12, 2016, 10:01:32 AM2/12/16
to rabbitmq-users, ca...@cloudamqp.com
Fixed in 3.6.0.901 :) Thanks!
Reply all
Reply to author
Forward
0 new messages