Hi Kevin, The logs contain a call to installMembership on the manager bus. Are there any other reasons for not having a sendMemberships call? When writing these tests I could not use credential accessor to get the guid of the bus to set the IssuerCN, and I could not use it to get the bus privatekey to sign the manifest. So I generated a random private key and a random guid instead.
Thanks, George On Fri, Oct 21, 2016 at 10:20 AM, Kevin Kane <[email protected]> wrote: > I don’t see any calls to SendMemberships in the trace. This suggests your > security manager bus attachment hasn’t been provisioned with an admin group > membership certificate, since later the PERMISSION_MGMT source shows the > peer does not match against the ACL for WITH_MEMBERSHP, which should match. > Can you make sure your setup generates and installs an admin group > membership certificate onto the bus attachment from which you make the > Reset call? > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *George Tang > *Sent:* Thursday, October 20, 2016 9:09 PM > *To:* allseen-core <[email protected]> > *Subject:* [Allseen-core] ER_PERMISSION_DENIED > > > > Hi all, > > > > I am getting this error ER_PERMISSION_DENIED, when calling reset in Java. > I have a feeling that some value of CertificateX509 is not being set > correctly, but I don't know which value. I have the logs for a successful > call to reset from the core sample test SecurityClaimApplicationTest.cc > (testlog). I also have logs the call to reset from the Java bindings that > fails (antlog). It would be great if someone experienced in security and > certificates could take a look. > > > > Thanks, > > George >
_______________________________________________ Allseen-core mailing list [email protected] https://lists.allseenalliance.org/mailman/listinfo/allseen-core
