CIM authentication using "<UserName>:<Password>" as username

Michael255 · ‎10-22-2019

Hi,

We're running into an issue where authentication for CIM on our storage infrastructure is failing. Upon investigating the logs on one of the devices, it seems the user name being used is a concatenation of <user name><colon><password> rather than just the user name, ie. "User:sEcR3T". This causes the password to appear in the logs as well as not work.

Is anyone able to give me any pointers to get to the bottom of this?

ServiceNow's discover log reports the problem as:

<results error="Failed to authenticate with credentials" probe_time="47" result_code="900000">

The mid server logs don't seem to shed much light:

com.snc.cimiql.CimException: Failed to authenticate with credentials&#13;
    at com.snc.cimiql.service.http.HttpResponseFutureCallback.completed(HttpResponseFutureCallback.java:103)&#13;
    at com.snc.cimiql.service.http.HttpResponseFutureCallback.completed(HttpResponseFutureCallback.java:43)&#13;
    at org.shaded.apache.http.concurrent.BasicFuture.completed(BasicFuture.java:123)&#13;
    at org.shaded.apache.http.impl.nio.client.DefaultClientExchangeHandlerImpl.responseCompleted(DefaultClientExchangeHandlerImpl.java:169)&#13;
    at org.shaded.apache.http.nio.protocol.HttpAsyncRequestExecutor.processResponse(HttpAsyncRequestExecutor.java:349)&#13;
    at org.shaded.apache.http.nio.protocol.HttpAsyncRequestExecutor.inputReady(HttpAsyncRequestExecutor.java:236)&#13;
    at org.shaded.apache.http.impl.nio.client.LoggingAsyncRequestExecutor.inputReady(LoggingAsyncRequestExecutor.java:87)&#13;
    at org.shaded.apache.http.impl.nio.DefaultNHttpClientConnection.consumeInput(DefaultNHttpClientConnection.java:267)&#13;
    at org.shaded.apache.http.impl.nio.client.InternalIODispatch.onInputReady(InternalIODispatch.java:73)&#13;
    at org.shaded.apache.http.impl.nio.client.InternalIODispatch.onInputReady(InternalIODispatch.java:37)&#13;
    at org.shaded.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:120)&#13;
    at org.shaded.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:159)&#13;
    at org.shaded.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:338)&#13;
    at org.shaded.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:316)&#13;
    at org.shaded.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:277)&#13;
    at org.shaded.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:105)&#13;
    at org.shaded.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:584)&#13;
    at java.lang.Thread.run(Thread.java:748)&#13;

Michael255 · ‎10-27-2019

It turns out that there is a bug in Madrid Patch 7 wrt having a ':' in the password. We removed that and can now log in. Now we have a secondary permissions issue to work through.

View solution in original post

digrajkar · ‎10-24-2019

Yes Michael, seeing similer error for HP 3Par storage discovery.

sm

Michael255 · ‎10-24-2019

I'm still working through this. I'll update if I make headway, please let me know if you make any progress. Hopefully someone will swoop in with a good answer 😉

Michael255 · ‎10-24-2019

For completeness, this is the software providing the CIM endpoint (running on Windows hosts):

Hitachi Command Suite v8.6.5-00

Brocade Network Advisor v14.4.2

Michael255 · ‎10-27-2019

It turns out that there is a bug in Madrid Patch 7 wrt having a ':' in the password. We removed that and can now log in. Now we have a secondary permissions issue to work through.