Bug 4404 - anonymous authentication with self authorization GSI
: anonymous authentication with self authorization GSI
Status: RESOLVED FIXED
: GSI C
Authentication
: unspecified
: PC Linux
: P3 minor
: ---
Assigned To:
:
:
:
:
  Show dependency treegraph
 
Reported: 2006-05-16 13:02 by
Modified: 2008-08-11 15:19 (History)


Attachments
anonymous authentication patch (1.38 KB, patch)
2006-06-05 15:35, Joe Bester
Details


Note

You need to log in before you can comment on or make changes to this bug.


Description From 2006-05-16 13:02:18
I was testing some command line option combinations with a WSRF client I am
writing. When I used the GLOBUS_XIO_GSI_SET_ANON attribute to  along with the
GLOBUS_XIO_GSI_SELF_AUTHORIZATION authorization mode in a client, XIO ignored
the anonymous part of the authorization request. It looks like what happens is
the globus_l_xio_gsi_setup_target_name() function was acquiring a credential to
determine the user's subject name (fine), and then XIO was using that
credential when doing the gssapi handshake (hmmm). The GSS_C_ANON_FLAG is
ignored when the cred_handle passed to init_sec_context is not
GSS_C_NO_CREDENTIAL.
------- Comment #1 From 2006-06-05 15:35:41 -------
Created an attachment (id=971) [details]
anonymous authentication patch

Attaching a patch which causes init_sec_context to honor the GSS_C_ANON_FLAG
even if a credential is passed to init_sec_context.

joe
------- Comment #2 From 2006-07-24 17:21:58 -------
committed joe's patch to trunk