[Pki-devel] Karma Request for Dogtag 10.2.4 in Fedora 22
Christina Fu
cfu at redhat.com
Fri May 29 16:34:49 UTC 2015
For #2, after some investigation, it turns out that my admin cert wasn't
imported into the browser properly that's what caused the authentication
mishap. I have no problem accessing the TPS admin interface now. The
simple enrollment of a token was also successful.
Consider #2 resolved.
thanks,
Christina
On 05/28/2015 06:13 PM, Christina Fu wrote:
> A few TPS issues (is there a workaround for #2 below?):
>
> 1. maybe not enough to respin, but for TPS, a simple format will fail
> due to an extra space at the end of the following in CS.cfg:
> op.format.tokenKey.validateCardKeyInfoAgainstTokenDB=true
>
> workaround is to remove the space and restart.
>
> 2. once formatted a token, getting to the admin interface resulted in
> the following error on ui:
> "Authentication method not allowed"
> in debug log, I see
> [28/May/2015:13:51:29][http-bio-8443-exec-16]:
> SessionContextInterceptor: principal: tpsadmin
> [28/May/2015:13:51:29][http-bio-8443-exec-16]: AuthMethodInterceptor:
> TokenResource.findTokens()
> [28/May/2015:13:51:29][http-bio-8443-exec-16]: AuthMethodInterceptor:
> mapping: tokens
> [28/May/2015:13:51:29][http-bio-8443-exec-16]: AuthMethodInterceptor:
> loading /usr/share/pki/tps/conf/auth-method.properties
> [28/May/2015:13:51:29][http-bio-8443-exec-16]: AuthMethodInterceptor:
> checking /var/lib/pki/pki-tomcat/tps/conf/auth-method.properties
> [28/May/2015:13:51:29][http-bio-8443-exec-16]: AuthMethodInterceptor:
> required auth methods: [certUserDBAuthMgr]
> [28/May/2015:13:51:29][http-bio-8443-exec-16]: AuthMethodInterceptor:
> authentication manager: passwdUserDBAuthMgr
>
> I couldn't get past that. Is there a workaround?
>
> I also tried to set up a TPS on an independent tomcat instance.
> Although the installation seems successful, a simple format always
> ends with the following (with nothing after that):
> TPSProcessor.getSharedSecretTransportKey: calculated key name:
> sharedSecretInd
> This issue is part of the ticket I am working on for 10.2.5, so it can
> wait: https://fedorahosted.org/pki/ticket/867
>
> Christina
>
> On 05/26/2015 11:39 PM, Matthew Harmsen wrote:
>> Everyone,
>>
>> Please provide Karma for the following Dogtag 10.2.4 packages for
>> Fedora 22:
>>
>> * dogtag-pki-theme-10.2.4-1.fc22
>> <https://admin.fedoraproject.org/updates/dogtag-pki-theme-10.2.4-1.fc22>
>> * pki-core-10.2.4-1.fc22
>> <https://admin.fedoraproject.org/updates/pki-core-10.2.4-1.fc22>
>> * pki-console-10.2.4-1.fc22
>> <https://admin.fedoraproject.org/updates/pki-console-10.2.4-1.fc22>
>> * dogtag-pki-10.2.4-1.fc22
>> <https://admin.fedoraproject.org/updates/dogtag-pki-10.2.4-1.fc22>
>>
>> Thanks,
>> -- Matt
>>
>>
>>
>> _______________________________________________
>> Pki-devel mailing list
>> Pki-devel at redhat.com
>> https://www.redhat.com/mailman/listinfo/pki-devel
>
>
>
> _______________________________________________
> Pki-devel mailing list
> Pki-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20150529/fb62a5cd/attachment.htm>
More information about the Pki-devel
mailing list