FYI This issue can be tracked here https://wso2.org/jira/browse/STORE-607
@Ruchira, Thanks for the workaround at the moment On Fri, Jan 23, 2015 at 9:47 PM, Senduran Balasubramaniyam < sendu...@wso2.com> wrote: > Sure Ruchira, > > Thanks > Senduran > > On Fri, Jan 23, 2015 at 7:23 PM, Ruchira Wageesha <ruch...@wso2.com> > wrote: > >> >> On Fri, Jan 23, 2015 at 4:21 PM, Senduran Balasubramaniyam < >> sendu...@wso2.com> wrote: >> >>> Hi, >>> >>> Even when I add the "UseAuthenticatedUserDomainCrypto" to true in IS, I >>> am still getting the same exception. >>> Is this because IS couldn't identify whether it is tenant or admin who >>> has logged in ? as Malithi mentioned in "[IS] [ES] Signature Validation >>> fails when tenant logs into SSO enabled Publisher" >>> >> Hm..I doubt how something like this could happen. If there is a logged in >> session, that means there is an associated user who's tenant domain can be >> determined. Relying on a passed tenant domain is never secure for >> authenticated users. >> >> Anyway, can you talk to me on Monday, so that we can have a look with the >> property suggested by pushpalanka. >> >> /Ruchira >> >> -- >> >> *Ruchira Wageesha**Associate Technical Lead* >> *WSO2 Inc. - lean . enterprise . middleware | wso2.com <http://wso2.com>* >> >> *email: ruch...@wso2.com <ruch...@wso2.com>, blog: >> ruchirawageesha.blogspot.com <http://ruchirawageesha.blogspot.com>, >> mobile: +94 77 5493444 <%2B94%2077%205493444>* >> > > > > -- > *Senduran * > Software Engineer, > WSO2, Inc.; http://wso2.com/ <http://wso2.com/> > Mobile: +94 77 952 6548 > -- *Senduran * Software Engineer, WSO2, Inc.; http://wso2.com/ <http://wso2.com/> Mobile: +94 77 952 6548
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
