Pivotal Knowledge Base

Follow

Login to Pulse fails if Security Manager is enabled

Environment

 Product  Version
 Pivotal GemFire  9.0.x
 OS  All Supported OS

Symptom

When you are trying to login into Pulse, it might fail with an "incorrect password" error even when you are using the proper user/password. In the embedded mode, the default user/password is admin/admin. After you enable the security manager, you will not be able to login into Pulse without disabling the security manager. 

Cause

The cause could be related to enabling the Security Manager. If you can log in to Pulse without any issues with the Security Manager disabled, and yet have issues with the Security Manager enabled, please use the instructions below to fix this issue. 

There are two known issues in GemFire 9.0.x:

1. GEODE-2670: Update Pulse endpoint interceptors

2. GEODE-2671: When a locator is started with a custom jmx-manager-port, the embedded Pulse server still tries to connect to jmx using port 1099

Resolution

1. GEODE-2670 is fixed in GemFire 9.0.3. This issue is described in the Release Notes of GemFire 9.0.3:

GEODE-2670: Updated the authorization implementation, restricting data access via Pulse, to address CVE-2017-5649

2. GEODE-2671 is fixed in GemFire 9.0.4. Additionally, you can set the jmx-manager-port=1099 to work around this issue.

 

 

Comments

Powered by Zendesk