(1) Sorry. I threw together a sham build env to get that PR out and it
bit me. My bad.
(2) Only interjecting more generally because I wrote the breaking PR
[bad programmer!], but when I was going through it originally I had
understood that the authentication attribute comparison was being done
to make sure that the principals were coming from the same
authentication source, lest an ST be granted against credentials other
than those which generated the TGT. How that's meant to work with MFA
is beyond my reading level :).
On 4/2/14, 15:01 PM, Misagh Moayyed wrote:
Another issue; pull #415 [1] broke the following test in cas-server-core:
MultifactorAuthenticationTests#testAllowsAccessToHighSecurityServiceWithPa
sswordAndOTPViaRenew()
This is where the test failure comes from:
if (!(current.getPrincipal().equals(original.getPrincipal())
&& current.getAttributes().equals(original.getAttributes()))) {
throw new MixedPrincipalException(current, current.getPrincipal(),
original.getPrincipal());
}
The comparison on authentication attribute fails. What is the intention
here? Should the principal attributes be compared if we are checking for
mixed principal conditions? If so, should that just be captured inside the
equals() of SimplePrincipal?
[1] https://github.com/Jasig/cas/pull/415
-----Original Message-----
From: Misagh Moayyed [mailto:[email protected]]
Sent: Wednesday, April 02, 2014 10:10 AM
To: '[email protected]'
Subject: RE: [cas-dev] [cas-user] Schedule for CAS 4.0
Excellent. I'll get going.
-----Original Message-----
From: Marvin Addison [mailto:[email protected]]
Sent: Wednesday, April 02, 2014 10:04 AM
To: [email protected]
Subject: Re: [cas-dev] [cas-user] Schedule for CAS 4.0
Thanks. Keep us posted on the progress please.
Ldaptive 1.0.3 has been released and is available in Maven Central
[1], so we should be good to bump the version and move forward.
M
http://search.maven.org/#artifactdetails%7Corg.ldaptive%7Cldaptive%7C1
.0.3%7C
jar
--
You are currently subscribed to [email protected] as:
[email protected] To unsubscribe, change settings or access
archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
--
Ne Desit Virtus,
Sean R. Baker
1LT, MS
United States Army
Office #: (301) 319-0712
Email: [email protected]
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev
