Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
RE: [higgins-dev] Higgins STS and X509 credential

Hi Thomas,

I ran into a similar problem. I fixed mine by making sure that the equality for the cardkeyhash attribute in the “higginsperson” schema file was set to “caseExactMatch”.

 

Chris


From: higgins-dev-bounces@xxxxxxxxxxx [mailto:higgins-dev-bounces@xxxxxxxxxxx] On Behalf Of PASQUIER thomas
Sent: Wednesday, July 08, 2009 11:51 AM
To: Higgins (Trust Framework) Project developer discussions
Subject: [higgins-dev] Higgins STS and X509 credential

 

Hi,

 

I tried to use X509 credential with the Higgins STS and GTK Selector.

 

If I understand well, when the STS create an X509 Infocard it adds in the LDAP an attribute cardKeyHash to the current user identity. That seems to work fine.

 

When I try to use the card I have the following error:

NO_ENTITY_ID (should display a clearer error message but JNCDICPMessages seems to be broken).

Using javax.naming.ldap.LdapContext::search (searchBase, strFilter, controls) ( http://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html#search%28javax.naming.Name,%20java.lang.String,%20javax.naming.directory.SearchControls%29 )

searchBase is empty. Should not it be something like this: ou=identities,dc=higgins,dc=eclipse,dc=org ? Try to replace by that string but didn’t work (have an error saying he can’t find the object).

 

Is that string supposed to come from the managed configuration file?

 

I can’t figure out where the problem comes from, is there someone who previously works on it? Is that feature supposed to work?

 

Regards,

 

Thomas Pasquier
Gemalto

 

 

 

---------------------------------------------------------------------
This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.

Back to the top