Connecting the WebUI to an existing cloud

[thisismana]

Hello,

I got stuck while trying to connect the webUI to our cloudfoundry installation. I changed a lot of properties in the uhuru_webui.yml but still cannot login. I am getting this error:

{"timestamp":1394724369.9763494,"message":"Error while trying to add Owner role to the cloud controller admin for sys-org and monitoring - error response:[
\"/usr/local/rvm/gems/ruby-1.9.3-p484/gems/cf-uaa-lib-2.0.1/lib/uaa/http.rb:112:in `json_parse_reply'\", 
\"/usr/local/rvm/gems/ruby-1.9.3-p484/gems/cf-uaa-lib-2.0.1/lib/uaa/token_issuer.rb:78:in `request_token'\", 
\"/usr/local/rvm/gems/ruby-1.9.3-p484/gems/cf-uaa-lib-2.0.1/lib/uaa/token_issuer.rb:245:in `client_credentials_grant'\", 
\"/home/uhuru-ui/uhuru-webui/lib/users_setup.rb:88:in `get_uaa_client'\", 
\"/home/uhuru-ui/uhuru-webui/lib/users_setup.rb:106:in `uaa_get_users'\", 
\"/home/uhuru-ui/uhuru-webui/lib/webui.rb:80:in `initialize'\", 
\"/usr/local/rvm/gems/ruby-1.9.3-p484/gems/sinatra-1.4.4/lib/sinatra/base.rb:1454:in `new'\", 
\"/usr/local/rvm/gems/ruby-1.9.3-p484/gems/sinatra-1.4.4/lib/sinatra/base.rb:1454:in `new'\", 
\"/home/uhuru-ui/uhuru-webui/lib/runner.rb:102:in `block in run!'\", 
\"/usr/local/rvm/gems/ruby-1.9.3-p484/gems/eventmachine-1.0.3/lib/eventmachine.rb:187:in `call'\", 
\"/usr/local/rvm/gems/ruby-1.9.3-p484/gems/eventmachine-1.0.3/lib/eventmachine.rb:187:in `run_machine'\", 
\"/usr/local/rvm/gems/ruby-1.9.3-p484/gems/eventmachine-1.0.3/lib/eventmachine.rb:187:in `run'\", 
\"/home/uhuru-ui/uhuru-webui/lib/runner.rb:92:in `run!'\", 
\"webui:11:in `<main>'\"]","log_level":"error","source":"uhuru-webui.runner","data":{},"thread_id":6723600,"fiber_id":21925300,"process_id":24807,"file":"/home/uhuru-ui/uhuru-webui/lib/webui.rb","lineno":98,"method":"rescue in initialize"}

The uaa-URL should be correct. The user I picked is admin. The usersecret is the admin's password. Is that correct or do I need to provide some other "secret"?

[adasescu]

Hi Thisismana,

We are trying to figure out what the problem is.

[adasescu]

Hi Thisismana,

To configure uaa in uhuru-webui.yml you need to create a new uaa client with this properties(or use a existing one):
- id: webui
- scope: cloud_controller.read,cloud_controller.write,cloud_controller.admin,openid,password.write,scim.read,scim.write
- authorized-grant-types: client_credentials,password,authorization_code
- authorities: uaa.admin,uaa.resource,tokens.read,scim.read,scim.write,password.write,cloud_controller.read,cloud_controller.write,cloud_controller.admin

You can do this in various ways. One of the them would be adding the following in your cf deployment manifest under uaa: clients::
clients:
webui:
override: true
secret: webui_client_secret
authorized-grant-types: client_credentials,password,authorization_code
scope: cloud_controller.read,cloud_controller.write,cloud_controller.admin,openid,password.write,scim.read,scim.write # scopes that can be requested to impersonate a user
authorities: uaa.admin,uaa.resource,tokens.read,scim.read,scim.write,password.write,cloud_controller.read,cloud_controller.write,cloud_controller.admin # scopes granted to the client
autoapprove: true

And the you need to modify the following properties in the uhuru-webui.yml configuration file:

uaa:
url: http://uaa.mycloud.com
client_id: webui
client_secret: webui_client_secret