Bug 497212 - unable to enroll a tps operator/ agent/ admin using a token user
unable to enroll a tps operator/ agent/ admin using a token user
Product: Dogtag Certificate System
Classification: Community
Component: TPS (Show other bugs)
All Linux
urgent Severity high
: ---
: ---
Assigned To: Ade Lee
Chandrasekar Kannan
Depends On:
Blocks: 443788
  Show dependency treegraph
Reported: 2009-04-22 15:50 EDT by Ade Lee
Modified: 2015-01-04 18:37 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-07-22 19:34:37 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
patch to fix (1.97 KB, patch)
2009-04-23 12:30 EDT, Ade Lee
no flags Details | Diff

  None (edit)
Description Ade Lee 2009-04-22 15:50:39 EDT
Description of problem:

When the browser presents a cert, the TPS calls tus_authenticate() which does an ldap search for entries with userCertificate = (your base64 encoded cert).  The search is supposed to return a user record from under ou=people, dc= .. , from which the userid is extracted.

The problem is that the search currently starts from the top level instead.  This is not a problem for users who do not have a token, because the user certificate only shows up in the user record.  For token users, however, two entries are returned - one for the tokenCertRecord (which does not contain a userid), and one for the user record.

The fix is simply to make sure that the search is performed at the correct place
Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
Actual results:

Expected results:

Additional info:
Comment 1 Ade Lee 2009-04-23 12:30:34 EDT
Created attachment 340963 [details]
patch to fix

simple fix. 

jmagne, please review.
Comment 2 Jack Magne 2009-04-23 14:35:46 EDT
Looks pretty simple:

Attachment (id=340963) +jmagne .
Comment 3 Ade Lee 2009-04-23 15:24:53 EDT
Sending        base/tps/src/tus/tus_db.c
Sending        dogtag/tps/pki-tps.spec
Transmitting file data ..
Committed revision 414.

Note You need to log in before you can comment on or make changes to this bug.