and
here is the patch.
On 07/18/2014 09:18 AM, Christina Fu wrote:
This patch is to fix an issue that Jack
reported some time ago regarding authentication in Java TPS.
It was speculated that it had to do with ESC and tpsclient not
expecting same credential names, etc.
(note: I understand that Jack worked out something that was to
get him through what he was working on, but it was not meant as
a permanent solution, hence my investigation and separate patch)
I spent some time investigating to find out the root cause and a
final solution.
Here is what I discovered:
In the old TPS, in case of "ExtendedLoginRequest", the uid/pwd
are called "UID" and "PASSWORD";
where as in case of "LoginRequest", the uid/pwd are called
"screen_name" and "password"
In tpsclient, BOTH "ExtendedLoginResponse" and "LoginResponse"
are coded to put "screen_name". My suspicion is with the old
TPS the "ExtendedLoginRequest" never worked.
So, in summary, it's the difference between "extended" and "not
extended" rather than the clients. The clients just happened to
specify extended/not extended by default so it appears that way.
Note: In this patch, I added changes to tpsclient in an attempt
to make extendedLogin work but I learned later from jack that
tpsclient never does that, so please ignore that part of the
patch. I made some attempt to restore that part of tpsclient
with a new patch but couldn't get it. I will sort it out with
our git experts later.
This works with tpsclient, but I am still waiting for jack to
test it out with ESC.
thanks,
Christina
_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel