View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0009313CTT UA Scripts1 - Script Issuepublic2023-12-14 13:322024-04-12 05:58
ReporterThomas Assigned ToMichael Fehler  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Fixed in Version1.03.508 
Summary0009313: Security User Anonymous TC1 and TC2 using wrong PolicyId
Description

The CTT is using the PolicyId "Anonymous" instead of the PolicyId received in GetEndpoints response. Our server replies with BadIdentityTokenInvalid which is expected if the client provides an unknown PolicyId.

TagsNo tags attached.
Files Affected

/library/Base/identity.js

Activities

Maximilian

2023-12-21 10:12

reporter   ~0020542

I am not sure if this relates to your issue, but I think we found an issue in the buildAnonymousIdentityToken() method.

The getUserTokenPolicy() method called inside buildAnonymousIdentityToken() will be called with an empty "securityPolicyUri" if the first "if-clause" is true.
"securityPolicyUri" will only be set in the "else if" and "else" clause.
We assume in the first "if-clause" it will be written into the wrong variable "channelSecurityProlicy". channelSecurityPolicy will never be used in this method.

This causes the test to create a new UaAnonymousIdentityToken instead of using the one in the response.

buildAnonymousIdentityToken.png (382,208 bytes)

Paul Hunkar

2024-04-12 05:58

administrator   ~0021119

Reviewed issue in call, agreed to changes and closed issue

Issue History

Date Modified Username Field Change
2023-12-14 13:32 Thomas New Issue
2023-12-14 15:16 Paul Hunkar Assigned To => Alexander Allmendinger
2023-12-14 15:16 Paul Hunkar Status new => assigned
2023-12-21 10:12 Maximilian Note Added: 0020542
2023-12-21 10:12 Maximilian File Added: buildAnonymousIdentityToken.png
2024-01-11 07:05 Michael Fehler Assigned To Alexander Allmendinger => Michael Fehler
2024-01-19 07:16 Michael Fehler Status assigned => resolved
2024-01-19 07:16 Michael Fehler Files Affected => /library/Base/identity.js
2024-04-12 05:58 Paul Hunkar Status resolved => closed
2024-04-12 05:58 Paul Hunkar Resolution open => fixed
2024-04-12 05:58 Paul Hunkar Fixed in Version => 1.03.508
2024-04-12 05:58 Paul Hunkar Note Added: 0021119