Bug 440989
| Summary: | [SECURITY] CMC authorization check not done by default | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Retired] Dogtag Certificate System | Reporter: | Christina Fu <cfu> | ||||
| Component: | Authorization | Assignee: | Christina Fu <cfu> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Chandrasekar Kannan <ckannan> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | high | ||||||
| Version: | 1.0 | CC: | benl | ||||
| Target Milestone: | 1.0 | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2009-07-22 23:28:18 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Bug Depends On: | |||||||
| Bug Blocks: | 443788 | ||||||
| Attachments: |
|
||||||
|
Description
Christina Fu
2008-04-04 20:19:26 UTC
Created attachment 301334 [details]
added authorization to default CMC enrollment profile. Added error output.
pending peer code review
id: 301334 awnuk+ [cfu@jaw pki]$ svn status | grep -v ^$ | grep -v ^P | grep -v ^X M linux/common/pki-common.spec M base/ca/shared/profiles/ca/caCMCUserCert.cfg M base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java [cfu@jaw pki]$ svn commit Sending base/ca/shared/profiles/ca/caCMCUserCert.cfg Sending base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java Sending linux/common/pki-common.spec Transmitting file data ... Committed revision 17. Verified.(June-18-09 build). Signed a csr request with a user added to "Auditors" group and then generated a CMC request using CMCEnroll as below ----------- CMCEnroll -d "/home/user1/.mozilla/firefox/po7qy4w7.default/" -n "guser1's csdomain ID" -r "/root/certreq.txt" -p netscape ----------- And then pasted the output to "Signed CMC-Authenticated user Certificate Enrollment Cert Request Input form" Result - "Authorization Error" |