[OTDev] A&A clarifications
surajit ray mr.surajit.ray at gmail.com
Tue Mar 8 14:23:48 CET 2011
Hi,

On 7 March 2011 22:25, Andreas Maunz <andreas at maunz.de> wrote:
> Hi Surajit,
>
> surajit ray wrote on 03/07/2011 05:06 PM:
>>
>> Hi Andreas, All,
>>
>> Was trying to work through the doc file given as documentation on the
>> website at
>>
>> http://opentox.org/data/documents/partner/wp/3/deliverables/Draft%20Report%20WP3-D3.3
>>
>> I had a few queries regarding the content.
>>
>> 1) To quote an example from the doc file
>>
>> ------------------------------------------------------------------------------------
>> # Listing all my policies...
>> # =======================
>> curl -i -X GET http://opensso.in-silico.ch/Pol/opensso-pol -H
>> "subjectid:
>> AQIC5wM2LY4SfcxrnpcZCmbfdsKTyxG9E66uu5FVhefps7I%3D%40AAJTSQACMDE%3D%23"
>> HTTP/1.1 200 OK
>> Content-Type: text/plain
>> There were not matching policies under realm, /.
>>
>> ------------------------------------------------------------------------------------
>>
>> here the token is url encoded while in reality (on the server at
>> http://opensso.in-silico.ch/Pol/opensso-pol) the accepted form is without
>> urlencoding the token.
>
> Please keep in mind that the deliverable may be superseded by later versions
> of the software.
> Here is the relevant documentation:
> http://www.opentox.org/dev/apis/api-1.2/AA#section-2

this section does not have the curl commands mentioned in the doc file

>
>> and the result from the non-urlencoded token submission is the following
>>
>> ------------------------------------------------------------------------------------
>> maxtox at maxtox-desktop:~$ curl -i -X GET
>> http://opensso.in-silico.ch/Pol/opensso-pol -H
>> "subjectid:AQIC5wM2LY4SfcwYjtLJPwt6fs8ca1Owk5XWByXX3Wn+bX4=@AAJTSQACMDE=#"
>> HTTP/1.0 200 OK
>> Server: nginx/0.6.32
>> Date: Mon, 07 Mar 2011 15:36:58 GMT
>> Content-Type: text/plain
>> Proxy-Connection: keep-alive
>> Content-Length: 1
>>
>> ------------------------------------------------------------------------------------
>>
>> as you can see I could not get the expected: "There were not
>> matching policies under realm, /."
>
> I will investigate why this is missing. Please work around that in the
> meantime.
>
>> 2) When I do an authentication like the following I get the result as a
>> token.id like so
>>
>> ------------------------------------------------------------------------------------
>> maxtox at maxtox-desktop:~$ curl -i -d "username=surajitray" -d
>> "password=w3lc0m3"
>> http://opensso.in-silico.ch/opensso/identity/authenticate
>> HTTP/1.0 200 OK
>> Server: nginx/0.6.32
>> Date: Mon, 07 Mar 2011 15:31:26 GMT
>> Content-Type: text/plain;charset=UTF-8
>> Proxy-Connection: keep-alive
>> Content-Length: 72
>>
>> token.id=AQIC5wM2LY4Sfcy24eQG5V7J8Lth75vK3Tdr94/rrc/nBJs=@AAJTSQACMDE=#
>>
>> ------------------------------------------------------------------------------------
>>
>> Have I been correct to assume that this token.id is to be used as
>> subjectid in the previous step ?
>
> Yes.
>
>> If my assumption was correct then could you please remove this
>> apparent inconsistency by changing both the variables to the same name
>> (either token.id or subjectid) ?
>
> No, since all other OT members use it - therefore this would break
> everything.
> I am passing the original SSO output here. I could change it, but we would
> have to agree on that collectively.

Then let's do that before we go too far out without the corrections !

>> Also in the documentation on the website
>> (http://opentox.org/dev/apis/api-1.2/AA) the following is mentioned
>>
>> ------------------------------------------------------------------------------------
>>
>> Authentication
>>
>> POST on /auth/authenticate
>>
>> username
>> password
>> uri
>>
>> 200 + token (Valid)
>> 401 (Invalid)
>>
>> Token validation
>>
>> POST on /auth/isTokenValid
>>
>> tokenid
>>
>> 200 + Boolean
>>
>> Logout
>>
>> POST on /auth/logout
>>
>> subjectid
>>
>> 200 + void
>>
>> ------------------------------------------------------------------------------------
>>
>> As you can see there's a mix of token and tokenid. So we have four
>> representations of the same thing token.id , token , tokenid,
>> subjectid ?
>
> You are right, but the services you mentioned are the original OpenSSO
> services, which is why I can not simply change them.
> The names are inconsistent (I know).
> Best regards
> Andreas
> _______________________________________________
> Development mailing list
> Development at opentox.org
> http://www.opentox.org/mailman/listinfo/development
>

Another inconsistency making life difficult is that the policy server
at http://opensso.in-silico.ch/Pol/opensso-pol takes the token without
url encoding while the authorization step requires a urlencoded token !

Could you please clarify these inconsistencies (if they cannot be
changed) in the help document ?

Regards
Surajit
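
The encoding mismatch raised in this message (the post reports that the policy service takes the raw token while the authorization step wants it URL-encoded), as an added Python example that is not part of the original post or of any OpenTox/OpenSSO code. The function names and the sample token are constructed for illustration, and the code assumes a raw token never contains a literal `%`.

```python
from urllib.parse import quote, unquote

# Constructed response body in the "token.id=<value>" shape shown in the post.
# The token value is made up for this example; it is not a real session token.
SAMPLE_BODY = "token.id=AQIC5xExampleTok+en/Value0=@AAJTSQACMDE=#\n"


def parse_authenticate_body(body: str) -> str:
    """Return the raw token from an authenticate response body."""
    for line in body.splitlines():
        # Split on the first '=' only: the token itself contains '=' padding.
        key, sep, value = line.partition("=")
        if sep and key.strip() == "token.id":
            return value.strip()
    raise ValueError("no token.id line in response body")


def to_raw(token: str) -> str:
    """Return the un-encoded form, whichever form was passed in."""
    # Assumption: a raw token never contains a literal '%', so any '%'
    # means the value is already percent-encoded.
    if "%" in token:
        # unquote() keeps '+' intact; unquote_plus() would turn it into a
        # space and silently corrupt the token.
        return unquote(token)
    return token


def to_urlencoded(token: str) -> str:
    """Percent-encode the token exactly once, even if already encoded."""
    return quote(to_raw(token), safe="")


def subjectid_header(token: str, wants_encoded: bool) -> dict:
    """Build the subjectid header in the form a given service expects."""
    value = to_urlencoded(token) if wants_encoded else to_raw(token)
    return {"subjectid": value}


if __name__ == "__main__":
    tok = parse_authenticate_body(SAMPLE_BODY)
    print("raw:    ", subjectid_header(tok, wants_encoded=False))
    print("encoded:", subjectid_header(tok, wants_encoded=True))
```

Normalising to the raw form first is what prevents double encoding (`%3D` becoming `%253D`) when a token copied from one call is reused in another.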