Red Hat Bugzilla – Bug 497212
unable to enroll a tps operator/ agent/ admin using a token user
Last modified: 2015-01-04 18:37:55 EST
Description of problem:
When the browser presents a cert, the TPS calls tus_authenticate() which does an ldap search for entries with userCertificate = (your base64 encoded cert). The search is supposed to return a user record from under ou=people, dc= .. , from which the userid is extracted.
The problem is that the search currently starts from the top level instead. This is not a problem for users who do not have a token, because the user certificate only shows up in the user record. For token users, however, two entries are returned - one for the tokenCertRecord (which does not contain a userid), and one for the user record.
The fix is simply to make sure that the search is performed at the correct place.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
Created attachment 340963
patch to fix
jmagne, please review.
Looks pretty simple:
Attachment (id=340963) +jmagne .
Transmitting file data ..
Committed revision 414.
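The search-base problem from the bug description, modelled in memory as an added example; it is not part of the original report, the attached patch or the TPS source. The suffix `dc=example,dc=com`, the entry DNs, the certificate strings, the function names and the fail-closed handling of multiple matches are all assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Constructed directory: suffix, DNs and cert values are made up. */
struct entry { const char *dn, *uid, *cert; };
static const struct entry DIR[] = {
    {"uid=alice,ou=people,dc=example,dc=com", "alice", "CERT-A-constructed"},
    /* token cert record: same certificate, no userid */
    {"cn=cert1,ou=certificates,dc=example,dc=com", NULL, "CERT-A-constructed"},
    {"uid=bob,ou=people,dc=example,dc=com", "bob", "CERT-B-constructed"},
};

/* True when dn is at or below base (suffix match on an RDN boundary). */
static int in_subtree(const char *dn, const char *base) {
    size_t dl = strlen(dn), bl = strlen(base);
    if (bl > dl || strcasecmp(dn + dl - bl, base) != 0) return 0;
    return dl == bl || dn[dl - bl - 1] == ',';
}

/* Subtree search for userCertificate == cert; returns the number of hits
 * and stores the first max of them in out. */
static int search_cert(const char *base, const char *cert,
                       const struct entry **out, int max) {
    int n = 0;
    for (size_t i = 0; i < sizeof DIR / sizeof DIR[0]; i++) {
        if (!in_subtree(DIR[i].dn, base) || strcmp(DIR[i].cert, cert) != 0)
            continue;
        if (n < max) out[n] = &DIR[i];
        n++;
    }
    return n;
}

/* Map a presented cert to a userid. Assumed policy: fail closed unless
 * exactly one entry matches and it carries a uid. */
static const char *cert_to_userid(const char *base, const char *cert) {
    const struct entry *hits[4];
    int n = search_cert(base, cert, hits, 4);
    return (n == 1 && hits[0]->uid) ? hits[0]->uid : NULL;
}

int main(void) {
    const char *bases[] = {"dc=example,dc=com", "ou=people,dc=example,dc=com"};
    for (int i = 0; i < 2; i++) {
        const char *uid = cert_to_userid(bases[i], "CERT-A-constructed");
        printf("base %-28s -> %s\n", bases[i], uid ? uid : "(no unique user)");
    }
    return 0;
}
```

In this model a user without a token still resolves from the top-level base, which matches the report's observation that only token users are affected.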