shibboleth-dev - RE: resolvertest
Subject: Shibboleth Developers
List archive
- From: Scott Cantor <>
- To: 'Mark Earnest' <>,
- Subject: RE: resolvertest
- Date: Wed, 18 Feb 2004 10:53:37 -0500
- Importance: Normal
- Organization: The Ohio State University
> I have also heard from some of our guys that resolvertest has returned
> different values for the same user with the same parameters at
> different times. I have not seen this but I thought I should also pass
> that on.
The dummy implementation of targetedID is really not suited for real use, as
we've noted on irc, you really need to generate and store the values in a
directory/database.
That said, the reason you're seeing this is that part of the hash input is a
random salt value in a keystore. That keystore's salt value is most likely
different inside the running warfile vs. the expanded copy you're using with
resolvertest. If you have a bunch of deploys, they all have to share the
same salt keystore, just like with the handle encryption key.
-- Scott
- resolvertest, Mark Earnest, 02/18/2004
- RE: resolvertest, Scott Cantor, 02/18/2004
- RE: resolvertest, RL 'Bob' Morgan, 02/18/2004
- RE: resolvertest, Scott Cantor, 02/18/2004
- Re: resolvertest, Mark Earnest, 02/18/2004
- RE: resolvertest, Scott Cantor, 02/18/2004
- RE: resolvertest, Mark Allen Earnest, 02/18/2004
- RE: resolvertest, Scott Cantor, 02/18/2004
- RE: resolvertest, Mark Allen Earnest, 02/18/2004
- RE: resolvertest, Scott Cantor, 02/18/2004
- Re: resolvertest, Walter Hoehn, 02/18/2004
- RE: resolvertest, Mark Allen Earnest, 02/18/2004
- RE: resolvertest, Scott Cantor, 02/18/2004
- RE: resolvertest, Mark Allen Earnest, 02/18/2004
- RE: resolvertest, Scott Cantor, 02/18/2004
- RE: resolvertest, RL 'Bob' Morgan, 02/18/2004
- RE: resolvertest, Scott Cantor, 02/18/2004
Archive powered by MHonArc 2.6.16.