Authentication error: Unable to respond to any of these challenges

[JamieXu168]

I installed openstack mitaka on CenOS and tried to connect it using openstack4j-3.0.2 ,The code is like this:

import org.openstack4j.api.OSClient.OSClientV3;
import org.openstack4j.openstack.OSFactory;
import org.openstack4j.model.common.Identifier;
public class TestNova
{
public static void main(String[] args)
{
String projectName = "admin";
String domainName = "default";
OSClientV3 os3 = OSFactory.builderV3()
.endpoint("http://111.207.49.183:5000/v3")
.credentials("admin", "admin")
.scopeToProject(Identifier.byName(projectName), Identifier.byName(domainName))
.authenticate();
}
}

Some problem occurs as follow:
Authentication error: Unable to respond to any of these challenges: {keystone=WWW-Authenticate
: Keystone uri="http://111.207.49.183:5000"}
Exception in thread "main" AuthenticationException{message=Unauthorized, status=401}
at org.openstack4j.core.transport.HttpExceptionHandler.mapException(HttpExceptionHandler.jav
a:36)
at org.openstack4j.core.transport.HttpExceptionHandler.mapException(HttpExceptionHandler.jav
a:23)
at org.openstack4j.openstack.internal.OSAuthenticator.authenticateV2(OSAuthenticator.java:12
5)
at org.openstack4j.openstack.internal.OSAuthenticator.invoke(OSAuthenticator.java:52)
at org.openstack4j.openstack.client.OSClientBuilder$ClientV2.authenticate(OSClientBuilder.ja
va:117)
at org.openstack4j.openstack.client.OSClientBuilder$ClientV2.authenticate(OSClientBuilder.ja
va:79)
at TestNova.main(TestNova.java:17)

I don't know what is reason , Can Someone help me ?

[auhlig]

Enable debug logging. Worth to check if the token's catalog contains the identity v3 service.

[JamieXu168]

I change user as demo ,the result is same . The command was ok when installed mitaka:
$ openstack --os-auth-url http://controller:5000/v3 --os-project-domain-name default --os-user-domain-name default --os-project-name demo --os-username demo token issue

So the token's catalog contains the identity v3 service

[auhlig]

As stated in the docs use .credentials("admin", "secret", Identifier.byId("user domain id")).

[JamieXu168]

Thank you, I don't know user domain id if it is 'default', The code is as follows :

OSClientV3 os3 = OSFactory.builderV3()
.endpoint("http://111.207.49.183:5000/v3")
.credentials("demo", "demo", Identifier.byId("default"))
.scopeToProject(Identifier.byName(projectName), Identifier.byName(domainName))
.authenticate();

I run it ,the log is as follows:

D:\tools\OpenStack4j>java TestNova
0 [main] DEBUG org.openstack4j.core.transport.internal.HttpExecutor - Executing Request: http://
111.207.49.183:5000/v3 -> /auth/tokens
178 [main] DEBUG org.jboss.resteasy.plugins.providers.DocumentProvider - Unable to retrieve config
: expandEntityReferences defaults to true
182 [main] DEBUG org.jboss.resteasy.plugins.providers.DocumentProvider - Unable to retrieve config
: expandEntityReferences defaults to true
959 [main] DEBUG org.apache.http.impl.conn.SingleClientConnManager - Get connection for route Http
Route[{}->http://111.207.49.183:5000]
966 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnectionOperator - Connecting to 111.207
.49.183:5000
992 [main] DEBUG org.apache.http.client.protocol.RequestAddCookies - CookieSpec selected: best-mat
ch
1002 [main] DEBUG org.apache.http.client.protocol.RequestAuthCache - Auth cache not set in the cont
ext
1003 [main] DEBUG org.apache.http.impl.client.DefaultHttpClient - Attempt 1 to execute request
1003 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection - Sending request: POST /v3/aut
h/tokens HTTP/1.1
1004 [main] DEBUG org.apache.http.wire - >> "POST /v3/auth/tokens HTTP/1.1[\r][\n]"
1005 [main] DEBUG org.apache.http.wire - >> "OS4J-Auth-Command: Tokens[\r][\n]"
1005 [main] DEBUG org.apache.http.wire - >> "Content-Length: 418[\r][\n]"
1005 [main] DEBUG org.apache.http.wire - >> "Content-Type: application/json[\r][\n]"
1006 [main] DEBUG org.apache.http.wire - >> "Host: 111.207.49.183:5000[\r][\n]"
1006 [main] DEBUG org.apache.http.wire - >> "Connection: Keep-Alive[\r][\n]"
1006 [main] DEBUG org.apache.http.wire - >> "[\r][\n]"
1006 [main] DEBUG org.apache.http.headers - >> POST /v3/auth/tokens HTTP/1.1
1006 [main] DEBUG org.apache.http.headers - >> OS4J-Auth-Command: Tokens
1006 [main] DEBUG org.apache.http.headers - >> Content-Length: 418
1006 [main] DEBUG org.apache.http.headers - >> Content-Type: application/json
1007 [main] DEBUG org.apache.http.headers - >> Host: 111.207.49.183:5000
1007 [main] DEBUG org.apache.http.headers - >> Connection: Keep-Alive
1007 [main] DEBUG org.apache.http.wire - >> "{[\r][\n]"
1007 [main] DEBUG org.apache.http.wire - >> " "auth" : {[\r][\n]"
1007 [main] DEBUG org.apache.http.wire - >> " "identity" : {[\r][\n]"
1007 [main] DEBUG org.apache.http.wire - >> " "password" : {[\r][\n]"
1008 [main] DEBUG org.apache.http.wire - >> " "user" : {[\r][\n]"
1008 [main] DEBUG org.apache.http.wire - >> " "name" : "demo",[\r][\n]"
1008 [main] DEBUG org.apache.http.wire - >> " "domain" : {[\r][\n]"
1008 [main] DEBUG org.apache.http.wire - >> " "id" : "default"[\r][\n]"
1008 [main] DEBUG org.apache.http.wire - >> " },[\r][\n]"
1008 [main] DEBUG org.apache.http.wire - >> " "password" : "demo"[\r][\n]"
1008 [main] DEBUG org.apache.http.wire - >> " }[\r][\n]"
1008 [main] DEBUG org.apache.http.wire - >> " },[\r][\n]"
1009 [main] DEBUG org.apache.http.wire - >> " "methods" : [ "password" ][\r][\n]"
1009 [main] DEBUG org.apache.http.wire - >> " },[\r][\n]"
1009 [main] DEBUG org.apache.http.wire - >> " "scope" : {[\r][\n]"
1009 [main] DEBUG org.apache.http.wire - >> " "project" : {[\r][\n]"
1009 [main] DEBUG org.apache.http.wire - >> " "name" : "demo",[\r][\n]"
1009 [main] DEBUG org.apache.http.wire - >> " "domain" : {[\r][\n]"
1009 [main] DEBUG org.apache.http.wire - >> " "name" : "default"[\r][\n]"
1009 [main] DEBUG org.apache.http.wire - >> " }[\r][\n]"
1009 [main] DEBUG org.apache.http.wire - >> " }[\r][\n]"
1010 [main] DEBUG org.apache.http.wire - >> " }[\r][\n]"
1010 [main] DEBUG org.apache.http.wire - >> " }[\r][\n]"
1010 [main] DEBUG org.apache.http.wire - >> "}"
1087 [main] DEBUG org.apache.http.wire - << "HTTP/1.1 401 Unauthorized[\r][\n]"
1092 [main] DEBUG org.apache.http.wire - << "Date: Thu, 10 Nov 2016 09:35:33 GMT[\r][\n]"
1092 [main] DEBUG org.apache.http.wire - << "Server: Apache/2.4.6 (CentOS) mod_wsgi/3.4 Python/2.7.
5[\r][\n]"
1093 [main] DEBUG org.apache.http.wire - << "Vary: X-Auth-Token[\r][\n]"
1093 [main] DEBUG org.apache.http.wire - << "x-openstack-request-id: req-d3f86b6a-4ddf-4be6-ad99-41
433196c2aa[\r][\n]"
1093 [main] DEBUG org.apache.http.wire - << "WWW-Authenticate: Keystone uri="http://111.207.49.183:
5000"[\r][\n]"
1094 [main] DEBUG org.apache.http.wire - << "Content-Length: 114[\r][\n]"
1094 [main] DEBUG org.apache.http.wire - << "Keep-Alive: timeout=5, max=100[\r][\n]"
1094 [main] DEBUG org.apache.http.wire - << "Connection: Keep-Alive[\r][\n]"
1094 [main] DEBUG org.apache.http.wire - << "Content-Type: application/json[\r][\n]"
1095 [main] DEBUG org.apache.http.wire - << "[\r][\n]"
1095 [main] DEBUG org.apache.http.impl.conn.DefaultClientConnection - Receiving response: HTTP/1.1
401 Unauthorized
1095 [main] DEBUG org.apache.http.headers - << HTTP/1.1 401 Unauthorized
1096 [main] DEBUG org.apache.http.headers - << Date: Thu, 10 Nov 2016 09:35:33 GMT
1096 [main] DEBUG org.apache.http.headers - << Server: Apache/2.4.6 (CentOS) mod_wsgi/3.4 Python/2.7.5
1096 [main] DEBUG org.apache.http.headers - << Vary: X-Auth-Token
1096 [main] DEBUG org.apache.http.headers - << x-openstack-request-id: req-d3f86b6a-4ddf-4be6-ad99-41433196c2aa
1096 [main] DEBUG org.apache.http.headers - << WWW-Authenticate: Keystone uri="http://111.207.49.183:5000"
1096 [main] DEBUG org.apache.http.headers - << Content-Length: 114
1097 [main] DEBUG org.apache.http.headers - << Keep-Alive: timeout=5, max=100
1097 [main] DEBUG org.apache.http.headers - << Connection: Keep-Alive
1097 [main] DEBUG org.apache.http.headers - << Content-Type: application/json
1103 [main] DEBUG org.apache.http.impl.client.DefaultHttpClient - Connection can be kept alive for 5000 MILLISECONDS
1103 [main] DEBUG org.apache.http.impl.client.DefaultHttpClient - Target requested authentication
1104 [main] DEBUG org.apache.http.impl.client.DefaultTargetAuthenticationHandler - Authentication schemes in the order of preference: [negotiate, NTLM, Digest, Basic]
1104 [main] DEBUG org.apache.http.impl.client.DefaultTargetAuthenticationHandler - Challenge for negotiate authentication scheme not available
1104 [main] DEBUG org.apache.http.impl.client.DefaultTargetAuthenticationHandler - Challenge for NTLM authentication scheme not available
1104 [main] DEBUG org.apache.http.impl.client.DefaultTargetAuthenticationHandler - Challenge for Digest authentication scheme not available
1105 [main] DEBUG org.apache.http.impl.client.DefaultTargetAuthenticationHandler - Challenge for Basic authentication scheme not available
1105 [main] WARN org.apache.http.impl.client.DefaultHttpClient - Authentication error: Unable to respond to any of these challenges: {keystone=WWW-Authenticate: Keystone uri="http://111.207.49.183:5000"}
1114 [main] DEBUG org.apache.http.wire - << "{"error": {"message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized"}}"
1114 [main] DEBUG org.apache.http.impl.conn.SingleClientConnManager - Releasing connection org.apache.http.impl.conn.SingleClientConnManager$ConnAdapter@5c33f1a9
Exception in thread "main" AuthenticationException{message=Unauthorized, status=401}
at org.openstack4j.core.transport.HttpExceptionHandler.mapException(HttpExceptionHandler.java:36)
at org.openstack4j.core.transport.HttpExceptionHandler.mapException(HttpExceptionHandler.java:23)
at org.openstack4j.openstack.internal.OSAuthenticator.authenticateV3(OSAuthenticator.java:158)
at org.openstack4j.openstack.internal.OSAuthenticator.invoke(OSAuthenticator.java:70)
at org.openstack4j.openstack.client.OSClientBuilder$ClientV3.authenticate(OSClientBuilder.java:165)
at org.openstack4j.openstack.client.OSClientBuilder$ClientV3.authenticate(OSClientBuilder.java:128)
at TestNova.main(TestNova.java:26)

[auhlig]

HTTP/1.1 401 Unauthorized

[JamieXu168]

I don't know how to solve the problem...

[auhlig]

Check provided values (credentials, names, .. , user exists within domain) are correct. Maybe take a look at the http communication.

Since this currently doesn't seem to show an issue in os4j I'd like to ask you to close and continue the discussion e.g. on stackoverflow.