Project

General

Profile

Bug #2744

CNode client does not respect Session param

Added by Ben Leinfelder over 12 years ago. Updated over 12 years ago.

Status:
Closed
Priority:
Urgent
Assignee:
Category:
d1_libclient_java
Start date:
2012-05-11
Due date:
% Done:

100%

Milestone:
CCI-1.0.0
Product Version:
*
Story Points:
Sprint:

Description

In the portal I make use of the CertificateManager's "registration" feature that allows me to associate a particular subject to a cert/key pair. When I use the CNode client to make calls, I used to be able to pass in a Session parameter that used the same subject that I registered my cert/key pair with and the call woukd be performed as that person using those pre-registered credentials.
Now that Session param (and contained subject) is ignored and my call acts as though it came from an unauthenticated (basically public) user.
I looked over the code and I'm not sure it's doing exactly what we agreed on. Moreover, there's no way to even set the Session when getting the CNode client via the static call to D1Client.getCN() which is used throughout the codebase.
I thought we would preserve the existing behavior of all the methods that take the Session parameter and just pass in null in the Session-less implementations of the methods.

Here is a sample bit of code that illustrates what I am trying to do.

// create a CN client
CNode cn = D1Client.getCN();
String subjectDN = "CN=Benjamin Leinfelder A515,O=University of Chicago,C=US,DC=cilogon,DC=org";

    // set up my credentials for this particular subject
    CertificateManager.getInstance().setCertificateLocation("BAD");
    X509Certificate certificate = CertificateManager.getInstance().loadCertificateFromFile("/tmp/x509up_u503");
    PrivateKey key = CertificateManager.getInstance().loadPrivateKeyFromFile("/tmp/x509up_u503", null);
    CertificateManager.getInstance().registerCertificate(subjectDN, certificate, key);

    // make a call as this particular subject (in the session that is passed in)
    Subject subject = new Subject();
    subject.setValue(subjectDN);
    Session session = new Session();
    session.setSubject(subject);
    SubjectInfo subjectInfo = cn.getSubjectInfo(session , subject);

Subtasks

Task #2750: add D1Client.getCN(Session session) methodClosedRob Nahf

Task #2751: add setSession() method to D1Node class ?ClosedRob Nahf

Task #2752: fix determinSession() methodRejectedRob Nahf

History

#1 Updated by Rob Nahf over 12 years ago

  • Category set to d1_libclient_java
  • Status changed from New to Closed
  • Target version set to Sprint-2012.19-Block.3.2

The determineSession() method used to negotiate the difference between the new methods and the old was overly complicated and superfluous. Ripped it out in favor of the direct approach of passing in the session object held by the D1Node.

Added the method D1Client.getCN(Session session), for completeness.

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)