<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Thanks to jack for helping me test.<br>
After much consideration, I think I will add my changes on top of
his last patch instead to make things speedier on both sides.<br>
So, please don't review this patch... <br>
<br>
thanks,<br>
Christina<br>
<br>
<div class="moz-cite-prefix">On 07/18/2014 09:22 AM, Christina Fu
wrote:<br>
</div>
<blockquote cite="mid:53C949DF.3040409@redhat.com" type="cite">and
here is the patch.
<br>
<br>
On 07/18/2014 09:18 AM, Christina Fu wrote:
<br>
<blockquote type="cite">This patch is to fix an issue that Jack
reported some time ago regarding authentication in Java TPS.
<br>
It was speculated that it had to do with ESC and tpsclient not
expecting same credential names, etc.
<br>
(note: I understand that Jack worked out something that was to
get him through what he was working on, but it was not meant as
a permanent solution, hence my investigation and separate patch)
<br>
<br>
I spent some time investigating to find out the root cause and a
final solution.
<br>
<br>
Here is what I discovered:
<br>
In the old TPS, in case of "ExtendedLoginRequest", the uid/pwd
are called "UID" and "PASSWORD";
<br>
where as in case of "LoginRequest", the uid/pwd are called
"screen_name" and "password"
<br>
<br>
In tpsclient, BOTH "ExtendedLoginResponse" and "LoginResponse"
are coded to put "screen_name". My suspicion is with the old
TPS the "ExtendedLoginRequest" never worked.
<br>
<br>
So, in summary, it's the difference between "extended" and "not
extended" rather than the clients. The clients just happened to
specify extended/not extended by default so it appears that way.
<br>
<br>
Note: In this patch, I added changes to tpsclient in an attempt
to make extendedLogin work but I learned later from jack that
tpsclient never does that, so please ignore that part of the
patch. I made some attempt to restore that part of tpsclient
with a new patch but couldn't get it. I will sort it out with
our git experts later.
<br>
<br>
This works with tpsclient, but I am still waiting for jack to
test it out with ESC.
<br>
<br>
thanks,
<br>
Christina
<br>
<br>
_______________________________________________
<br>
Pki-devel mailing list
<br>
<a class="moz-txt-link-abbreviated" href="mailto:Pki-devel@redhat.com">Pki-devel@redhat.com</a>
<br>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/pki-devel">https://www.redhat.com/mailman/listinfo/pki-devel</a>
<br>
</blockquote>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Pki-devel mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Pki-devel@redhat.com">Pki-devel@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/pki-devel">https://www.redhat.com/mailman/listinfo/pki-devel</a></pre>
</blockquote>
<br>
</body>
</html>