Uploaded image for project: 'Integrations: Identity and Access Management'
  1. IAM-103

BSP is rejecting subjectDN values that contain emailaddress

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Won't Fix
    • Component/s: None
    • Labels:
      None
    • Environment:

      BSP 1.0

    • Sprint:

      Description

      Certificates created with the openssl command line tool interactive prompts are not being interpreted correctly by BSP. Specifically, If you fill out the email prompt the resulting subjectDN is being misinterpreted by BSP.

      For example, "C=US, ST=California, L=Berkeley, O=UC Berkeley - IST, OU=CTS, CN=Brian Wood/emailAddress=bwood@berkeley.edu"

      is read by BSP as "EMAILADDRESS=bwood@berkeley.edu, CN=Brian Wood, OU=CTS, O=UC Berkeley - IST, L=Berkeley, ST=California, C=US"

      This causes an exception during auth since the value expected and captured previously in Grouper for the subjectDN does not match that which BSP is passing to Grouper.

        Attachments

          Activity

            People

            • Assignee:
              hazelton@doit.wisc.edu Keith Hazelton (Inactive)
              Reporter:
              falvarez@berkeley.edu Fernando Alvarez
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Due:
                Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 1 day
                1d
                Remaining:
                Remaining Estimate - 1 day
                1d
                Logged:
                Time Spent - Not Specified
                Not Specified