directory-fortress mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Shawn McKinney <smckin...@apache.org>
Subject Re: multiple user passwords in fortress-rest
Date Fri, 24 Apr 2015 11:06:41 GMT

> On Apr 24, 2015, at 4:59 AM, Oleksandr Bodriagov (Polystar) <oleksandr.bodriagov@polystar.com>
wrote:
> 
> Hi,
> 
> I wanted to test a rest component, so I looked into EmTest.java and saw an
> example of session creation in ³src/test/resources/createSession.xml"
> <FortRequest>
>   <contextId>HOME</contextId>
>   <entity xsi:type="user"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>   <userId>emtestuser1</userId>
>   <password>112</password>
>   <password>97</password>
>   <password>115</password>
>   <password>115</password>
>   <password>119</password>
>   <password>111</password>
>   <password>114</password>
>   <password>100</password>
>   </entity>
>   </FortRequest>
> 
> 
> If I run this POST request, then everything works and I get the session
> info back. However, if I remove just one password from the list, then I
> get 
> <FortResponse><errorCode>1013</errorCode><errorMessage>PASSWORD
INVALID
> for userId [emtestuser1], resultCode [INVALID_CREDENTIALS]</errorMessage>
> 
> I am not sure I understand this concept of multiple passwords. I would be
> grateful if someone could point me to the resource where I could read
> about it.
> 
> Best regards,
> Oleksandr
> 

Oleksandr,

The password is stored on user object as array of characters:
    private char[] password;

Each element in the array is represented as an element in the xml document.  So if you delete
and element, you aren’t deleting a password, you are removing one of the characters of the
user’s password - thus the failure later on on createSession.  Fortress does not support
multiple passwords for users.

Thanks,

Shawn
smckinney@apache.org

Mime
View raw message