Bug 4404 – anonymous authentication with self authorization GSI

Bug 4404 - anonymous authentication with self authorization GSI

Summary:

anonymous authentication with self authorization GSI

Status:	RESOLVED FIXED

Product:	GSI C
Component:	Authentication
Version:	unspecified
Platform:	PC Linux

Importance:	P3 minor
Target Milestone:	---
Assigned To:	Raj Kettimuthu

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2006-05-16 13:02 by Joe Bester
Modified:	2008-08-11 15:19 (History)

Attachments
anonymous authentication patch (1.38 KB, patch) 2006-06-05 15:35, Joe Bester	Details
Add an attachment (proposed patch, testcase, etc.)

Note

You need to log in before you can comment on or make changes to this bug.

Description From Joe Bester 2006-05-16 13:02:18

I was testing some command line option combinations with a WSRF client I am
writing. When I used the GLOBUS_XIO_GSI_SET_ANON attribute to  along with the
GLOBUS_XIO_GSI_SELF_AUTHORIZATION authorization mode in a client, XIO ignored
the anonymous part of the authorization request. It looks like what happens is
the globus_l_xio_gsi_setup_target_name() function was acquiring a credential to
determine the user's subject name (fine), and then XIO was using that
credential when doing the gssapi handshake (hmmm). The GSS_C_ANON_FLAG is
ignored when the cred_handle passed to init_sec_context is not
GSS_C_NO_CREDENTIAL.

------- Comment #1 From Joe Bester 2006-06-05 15:35:41 -------

Created an attachment (id=971) [details]
anonymous authentication patch

Attaching a patch which causes init_sec_context to honor the GSS_C_ANON_FLAG
even if a credential is passed to init_sec_context.

joe

------- Comment #2 From Raj Kettimuthu 2006-07-24 17:21:58 -------

committed joe's patch to trunk