0

Is seems that the credentialStore property is not being picked up when using the SBT. We have this property:

 <managed-property>
    <property-name>credentialStore</property-name>
    <value>CredStoreCloudant</value>
    </managed-property>

There is no change when I change the value to any odd name, while this name is clearly defined in the managed-beans.xml, like this :

<managed-bean>
        <managed-bean-name>CredStoreCloudant</managed-bean-name>
        <managed-bean-class>com.eoffice.sbt.credentialstore.CloudantCredentialStore</managed-bean-class>
        <managed-bean-scope>application</managed-bean-scope>
    </managed-bean>

The managed-beans.xml is being used, when we change the property clientID , we do get the 401 error: 

oauth_invalid_clientid

Which is expected behaviour. The OAuth dance is performed nicely, but our code does not execute. It appears to be using the MemoryStore.

mpjjonker
  • 917
  • 1
  • 6
  • 28
  • When I inspect the credentialstore in runtime it tells that this : com.ibm.sbt.security.credential.store.AnonymousSessionCredentialStore , is the implementation – mpjjonker Jul 07 '16 at 13:02
  • it means there is no principal being found by the authentication layer – Paul Bastide Sep 09 '16 at 11:20
  • thanks @PaulBastide how can I force my credentialstore to be used ? – mpjjonker Sep 09 '16 at 11:35
  • maybe look at - https://github.com/OpenNTF/SocialSDK/blob/4f07c13180aa27152e08adf6440b6692e5a54d3b/samples/j2ee/templates/mysocial.webapp/src/main/webapp/WEB-INF/managed-beans.xml (it relies on a java.security.userprincipal being available in the request) so I'm not a 100% sure if your situation it's being generated / associated. – Paul Bastide Sep 09 '16 at 12:57
  • Maybe I need to clarify that we need to store the user's tokens in a cloudant database (after giving consent) and than later when an event comes in from "the cloud" with a identifier for that user (email address or phone number), we need to fetch the token from that database using this key. So there is , per definition. no security context for this user. Actually the SQL based datastore works this way and we have not had problems with this one ? – mpjjonker Sep 09 '16 at 13:00
  • 1
    you'll have to extend the auth interceptor to work with this case. by default it won't work. – Paul Bastide Sep 12 '16 at 00:44

0 Answers0