Issue: Local admin/other internal users login are not working in Release after upgrade to v22.x

Issue

After installing/upgrading to Release v22.x, the locally created admin/ other internal users available in Release application by default can no longer log in, but LDAP users are able to log in.

Affected Products & Versions

Release v22.x after upgrading from an earlier version of Release

Cause

The internalAuthenticationProvider bean ID and reference in $RELEASE_HOME/conf/xl-release-security.xml are no longer required in the Release application.

Steps to Recreate

1. Create/Use an existing  $RELEASE_HOME/conf/xl-release-security.xml with the following Bean-ID and Bean references:
   

   <bean id="rememberMeAuthenticationProvider"
   class="com.xebialabs.deployit.security.authentication.RememberMeAuthenticationProvider"/>
   <bean id="internalAuthenticationProvider"
   class="com.xebialabs.deployit.security.authentication.XlAuthenticationProvider"/>
   
   <security:authentication-manager alias="authenticationManager">
   <security:authentication-provider ref="rememberMeAuthenticationProvider" />
   <security:authentication-provider ref="internalAuthenticationProvider" />
   <security:authentication-provider ref="ldapProvider" />
   </security:authentication-manager>

2. Start the Release application.
3. Log in as an LDAP user, it works.
4. Log in as an or admin/any other internal Release user, it fails with the error A local account exists for user admin in the login screen.
   

Workaround/Resolution Action

Step-1: Make the following two changes in $RELEASE_HOME/conf/xl-release-security.xml

Change-1:
Remove this line:

<bean id="internalAuthenticationProvider" class="com.xebialabs.deployit.security.authentication.
   XlAuthenticationProvider"/>

Change-2:

Replace:

<security:authentication-provider ref="internalAuthenticationProvider" />

With:

<security:authentication-provider ref="xlAuthenticationProvider" />

Step-2: After making these changes restart Release.

References

• This has been reported to Engg. Team and resolved as a part of FI-1078 only in Release v22.x. 
• Resolution requires documentation change and is incorporated here: https://docs.xebialabs.com/v.22.0/release/how-to/configure-ldap-security-for-xl-release/#configure-release-to-use-an-ldap-repository 
• Release Note will updated to help customers upgrading the Release application to v22.x so that they can do this change during upgrade.