airavata-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AIRAVATA-2477) For gateway request, store admin password in credential store
Date Tue, 04 Jul 2017 22:36:01 GMT

    [ https://issues.apache.org/jira/browse/AIRAVATA-2477?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16074102#comment-16074102
] 

ASF GitHub Bot commented on AIRAVATA-2477:
------------------------------------------

Github user machristie commented on a diff in the pull request:

    https://github.com/apache/airavata-php-gateway/pull/64#discussion_r125534010
  
    --- Diff: app/libraries/AdminUtilities.php ---
    @@ -28,7 +28,8 @@ public static function add_gateway($inputs)
             $gateway->gatewayAdminEmail = $inputs["admin-email"];
             $gateway->gatewayAdminLastName = $inputs["admin-lastname"];
             $gateway->identityServerUserName = $inputs["admin-username"];
    -        $gateway->identityServerPasswordToken  = $inputs["admin-password"];
    +        $token = create_pwd_token([Session::get('username'), $inputs["admin-password"]]);
    --- End diff --
    
    The username should be the admin-username not the logged in user's username.


> For gateway request, store admin password in credential store
> -------------------------------------------------------------
>
>                 Key: AIRAVATA-2477
>                 URL: https://issues.apache.org/jira/browse/AIRAVATA-2477
>             Project: Airavata
>          Issue Type: Bug
>          Components: PGA PHP Web Gateway
>            Reporter: Marcus Christie
>            Assignee: Sneha Tilak
>
> Looks like currently the code is storing the admin password provided by a gateway requester
in the identityServerPasswordToken field of the Gateway object.  Instead the code should store
the username and password in the credential store, get back a credential store token, and
save this token in the identityServerPasswordToken field of the Gateway object.
> See AdminUtilities::create_pwd_token for how to generate a password token.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message