Le 24/04/15 13:06, Shawn McKinney a écrit : >> On Apr 24, 2015, at 4:59 AM, Oleksandr Bodriagov (Polystar) >> <[email protected]> wrote: >> >> Hi, >> >> I wanted to test a rest component, so I looked into EmTest.java and saw an >> example of session creation in ³src/test/resources/createSession.xml" >> <FortRequest> >> <contextId>HOME</contextId> >> <entity xsi:type="user" >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> >> <userId>emtestuser1</userId> >> <password>112</password> >> <password>97</password> >> <password>115</password> >> <password>115</password> >> <password>119</password> >> <password>111</password> >> <password>114</password> >> <password>100</password> >> </entity> >> </FortRequest> >> >> >> If I run this POST request, then everything works and I get the session >> info back. However, if I remove just one password from the list, then I >> get >> <FortResponse><errorCode>1013</errorCode><errorMessage>PASSWORD INVALID >> for userId [emtestuser1], resultCode [INVALID_CREDENTIALS]</errorMessage> >> >> I am not sure I understand this concept of multiple passwords. I would be >> grateful if someone could point me to the resource where I could read >> about it. >> >> Best regards, >> Oleksandr >> > Oleksandr, > > The password is stored on user object as array of characters: > private char[] password; > > Each element in the array is represented as an element in the xml document. > So if you delete and element, you aren’t deleting a password, you are > removing one of the characters of the user’s password - thus the failure > later on on createSession. Fortress does not support multiple passwords for > users.
Ouch !!! Wouldn't had it been more efficient to store the password using a base64 encoding ?
