can't seem to figure out what I am doing wrong or the piece that I am missing here.
I generated a .cp file adding the -domain switch:
I'm built my IHybridRealm class based on the example provided and am using the Properties class as well.
I have my spaservice.properties file using the same password as I used to seal the cp file:
The domain I'm trying to use:
I am using appSecurity-form-oerealm.xml (attached the file for review) and have it pointing to my cp file and using the domain access code.
I am running the http://local:8980/HelpdeskMobileApp/static/auth/login.html to check the security and it is failing in the VALIDATE-SEAL method. Here is my ValidateClient:
Here is the broker log error (notice that I outputted that I am using the correct password and it is the correct domain):
I don't see how the keys wouldn't match
[mention:6daadace7d7f4cbe8bb589a05d9989a3:e9ed411860ed4f2ba0265705b8793d05]
You should be aware that encoded passwords are not secure. You shouldn't post them online if you care about having them remain secret.
The Client-Principal:validate( <domain-access-code> ) does not use the HelpdeskMobile domain you configured in your database. The general rule to remember is that all domain access codes are entered into utilities as clear-text, and stored in encrypted/encoded form. (OE will automatically do the encrypting/decrypting for you) So enter clear-text domain-access-code into the Admin, genspacp, and genpassword utilties in clear-text. When you manually store the domain access codes outside of the OE database then put the oech1::xxxx values in text files. The Client-Principal:validate() method will do the decoding of the oech1::xxxx value for you to do the validation.
One debug trick is to enter the clear-text value into genspacp and the Client-Principal:validate() to ensure you are sending the right C-P from the REST service. Dump the C-P user-id,domain,session-id, and create-date in your server's debug code and see that they align with when and what you entered into the genspacp utility. When that works, then change the storage of the domain-access-code in the text file to the oech1::xxxx form.
riche as the one being in charge of our Community, I just wanted to let you know that I'm getting error messages when trying to move this thread in the correct OE Forum. I'm investigating what could be the reasons but it may take me a little while.
May I suggest you re-post your issue in the following forum
community.progress.com/.../19.aspx
Flag this post as spam/abuse.