Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Archived » OHF » Bridge: Node-Authentication failure message (#1222)
Bridge: Node-Authentication failure message (#1222) [message #37440] Tue, 20 November 2007 03:54 Go to next message
Takeo Satomi is currently offline Takeo Satomi
Messages: 32
Registered: July 2009
Member
Greetings, all.

I tried the pre-connectathon test #1222 which requires my Bridge-based
client to generate a Node Authentication Failure audit message but I see
no operations in the service available for the messaging. Instead I
confirmed just the Query message is sent even if the handshake between the
mesa server and the Bridge is not successful.

Do you have a plan to implement the messaging capability with Bridge, or
do I have to handle SunCertPathBuilderException or similar errors and
generate the message on my own?

Thanks,
Takeo Satomi
Re: Bridge: Node-Authentication failure message (#1222) [message #37574 is a reply to message #37440] Tue, 20 November 2007 18:18 Go to previous messageGo to next message
Matthew Davis
Messages: 269
Registered: July 2009
Senior Member
Hi Takeo,

The transport layer of OHF (below the Bridge - inside of the IHE plug-in
code) will take care of the NodeAuthenticationFailure. It is not
something that your application should need an API in the Bridge nor
should you need to handle it - unless you're only using partial
functionality of the Bridge and writing your own IHE code as well. If
there is a need for a NodeAuthenticationFailure operation in the Bridge,
we can add it.

The NodeAuthenticationFaliure message should be generated automatically
after any handshake failure when using OHF for PIX, PDQ, or XDS. If you
want, please submit a log of the transaction message and we'll see
what's going on.

Thanks,
-Matt


Takeo Satomi wrote:
> Greetings, all.
>
> I tried the pre-connectathon test #1222 which requires my Bridge-based
> client to generate a Node Authentication Failure audit message but I see
> no operations in the service available for the messaging. Instead I
> confirmed just the Query message is sent even if the handshake between
> the mesa server and the Bridge is not successful.
>
> Do you have a plan to implement the messaging capability with Bridge, or
> do I have to handle SunCertPathBuilderException or similar errors and
> generate the message on my own?
>
> Thanks,
> Takeo Satomi
>
>
Re: Bridge: Node-Authentication failure message (#1222) [message #37669 is a reply to message #37574] Wed, 21 November 2007 03:11 Go to previous messageGo to next message
Takeo Satomi is currently offline Takeo Satomi
Messages: 32
Registered: July 2009
Member
Thank you for the clarification, Matt. It was just the syslog server
contained in MESA tool failed to receive the Node Authentication Failure
message. I modified Bridge setting so that the syslog messages are sent
to another daemon and could receive the log successfully.

Even if the mesa syslog server had no problem I couldn't pass the test
automatically though, since it expects the Node Authentication Failure
message is the last message recorded in a single transaction while Bridge
sends two more messages, Application Stop and Query. Should I ask them
to modify the test script, or should I do some handiwork and ignore these
little things? (I guess this kind of things had happend many times in
past connectathons and you managed them eventually...)

Thanks,
Takeo Satomi

Matthew Davis wrote:

> Hi Takeo,

> The transport layer of OHF (below the Bridge - inside of the IHE plug-in
> code) will take care of the NodeAuthenticationFailure. It is not
> something that your application should need an API in the Bridge nor
> should you need to handle it - unless you're only using partial
> functionality of the Bridge and writing your own IHE code as well. If
> there is a need for a NodeAuthenticationFailure operation in the Bridge,
> we can add it.

> The NodeAuthenticationFaliure message should be generated automatically
> after any handshake failure when using OHF for PIX, PDQ, or XDS. If you
> want, please submit a log of the transaction message and we'll see
> what's going on.

> Thanks,
> -Matt


> Takeo Satomi wrote:
>> Greetings, all.
>>
>> I tried the pre-connectathon test #1222 which requires my Bridge-based
>> client to generate a Node Authentication Failure audit message but I see
>> no operations in the service available for the messaging. Instead I
>> confirmed just the Query message is sent even if the handshake between
>> the mesa server and the Bridge is not successful.
>>
>> Do you have a plan to implement the messaging capability with Bridge, or
>> do I have to handle SunCertPathBuilderException or similar errors and
>> generate the message on my own?
>>
>> Thanks,
>> Takeo Satomi
Re: Bridge: Node-Authentication failure message (#1222) [message #37698 is a reply to message #37669] Wed, 21 November 2007 15:05 Go to previous message
Matthew Davis
Messages: 269
Registered: July 2009
Senior Member
Hi Takeo,

Excellent point on the MESA test tools - yes that's how we end up doing
it is by doing a little manipulation of the system. We just take the
text output of our audit message (from the debug log) and place the
contents in the file that the MESA validation script looks at
(last_log.txt or something). It's not an optimal solution but I don't
think you'll get much traction from the IHE folks on changing the test
procedure this year.

-Matt


Takeo Satomi wrote:
> Thank you for the clarification, Matt. It was just the syslog server
> contained in MESA tool failed to receive the Node Authentication Failure
> message. I modified Bridge setting so that the syslog messages are
> sent to another daemon and could receive the log successfully.
>
> Even if the mesa syslog server had no problem I couldn't pass the test
> automatically though, since it expects the Node Authentication Failure
> message is the last message recorded in a single transaction while
> Bridge sends two more messages, Application Stop and Query. Should I
> ask them to modify the test script, or should I do some handiwork and
> ignore these little things? (I guess this kind of things had happend
> many times in past connectathons and you managed them eventually...)
>
> Thanks,
> Takeo Satomi
>
> Matthew Davis wrote:
>
>> Hi Takeo,
>
>> The transport layer of OHF (below the Bridge - inside of the IHE
>> plug-in code) will take care of the NodeAuthenticationFailure. It is
>> not something that your application should need an API in the Bridge
>> nor should you need to handle it - unless you're only using partial
>> functionality of the Bridge and writing your own IHE code as well. If
>> there is a need for a NodeAuthenticationFailure operation in the
>> Bridge, we can add it.
>
>> The NodeAuthenticationFaliure message should be generated
>> automatically after any handshake failure when using OHF for PIX, PDQ,
>> or XDS. If you want, please submit a log of the transaction message
>> and we'll see what's going on.
>
>> Thanks,
>> -Matt
>
>
>> Takeo Satomi wrote:
>>> Greetings, all.
>>>
>>> I tried the pre-connectathon test #1222 which requires my
>>> Bridge-based client to generate a Node Authentication Failure audit
>>> message but I see no operations in the service available for the
>>> messaging. Instead I confirmed just the Query message is sent even
>>> if the handshake between the mesa server and the Bridge is not
>>> successful.
>>>
>>> Do you have a plan to implement the messaging capability with Bridge,
>>> or do I have to handle SunCertPathBuilderException or similar errors
>>> and generate the message on my own?
>>>
>>> Thanks,
>>> Takeo Satomi
>
>
Re: Bridge: Node-Authentication failure message (#1222) [message #583309 is a reply to message #37440] Tue, 20 November 2007 18:18 Go to previous message
Matthew Davis
Messages: 269
Registered: July 2009
Senior Member
Hi Takeo,

The transport layer of OHF (below the Bridge - inside of the IHE plug-in
code) will take care of the NodeAuthenticationFailure. It is not
something that your application should need an API in the Bridge nor
should you need to handle it - unless you're only using partial
functionality of the Bridge and writing your own IHE code as well. If
there is a need for a NodeAuthenticationFailure operation in the Bridge,
we can add it.

The NodeAuthenticationFaliure message should be generated automatically
after any handshake failure when using OHF for PIX, PDQ, or XDS. If you
want, please submit a log of the transaction message and we'll see
what's going on.

Thanks,
-Matt


Takeo Satomi wrote:
> Greetings, all.
>
> I tried the pre-connectathon test #1222 which requires my Bridge-based
> client to generate a Node Authentication Failure audit message but I see
> no operations in the service available for the messaging. Instead I
> confirmed just the Query message is sent even if the handshake between
> the mesa server and the Bridge is not successful.
>
> Do you have a plan to implement the messaging capability with Bridge, or
> do I have to handle SunCertPathBuilderException or similar errors and
> generate the message on my own?
>
> Thanks,
> Takeo Satomi
>
>
Re: Bridge: Node-Authentication failure message (#1222) [message #583347 is a reply to message #37574] Wed, 21 November 2007 03:11 Go to previous message
Takeo Satomi is currently offline Takeo Satomi
Messages: 32
Registered: July 2009
Member
Thank you for the clarification, Matt. It was just the syslog server
contained in MESA tool failed to receive the Node Authentication Failure
message. I modified Bridge setting so that the syslog messages are sent
to another daemon and could receive the log successfully.

Even if the mesa syslog server had no problem I couldn't pass the test
automatically though, since it expects the Node Authentication Failure
message is the last message recorded in a single transaction while Bridge
sends two more messages, Application Stop and Query. Should I ask them
to modify the test script, or should I do some handiwork and ignore these
little things? (I guess this kind of things had happend many times in
past connectathons and you managed them eventually...)

Thanks,
Takeo Satomi

Matthew Davis wrote:

> Hi Takeo,

> The transport layer of OHF (below the Bridge - inside of the IHE plug-in
> code) will take care of the NodeAuthenticationFailure. It is not
> something that your application should need an API in the Bridge nor
> should you need to handle it - unless you're only using partial
> functionality of the Bridge and writing your own IHE code as well. If
> there is a need for a NodeAuthenticationFailure operation in the Bridge,
> we can add it.

> The NodeAuthenticationFaliure message should be generated automatically
> after any handshake failure when using OHF for PIX, PDQ, or XDS. If you
> want, please submit a log of the transaction message and we'll see
> what's going on.

> Thanks,
> -Matt


> Takeo Satomi wrote:
>> Greetings, all.
>>
>> I tried the pre-connectathon test #1222 which requires my Bridge-based
>> client to generate a Node Authentication Failure audit message but I see
>> no operations in the service available for the messaging. Instead I
>> confirmed just the Query message is sent even if the handshake between
>> the mesa server and the Bridge is not successful.
>>
>> Do you have a plan to implement the messaging capability with Bridge, or
>> do I have to handle SunCertPathBuilderException or similar errors and
>> generate the message on my own?
>>
>> Thanks,
>> Takeo Satomi
Re: Bridge: Node-Authentication failure message (#1222) [message #583368 is a reply to message #37669] Wed, 21 November 2007 15:05 Go to previous message
Matthew Davis
Messages: 269
Registered: July 2009
Senior Member
Hi Takeo,

Excellent point on the MESA test tools - yes that's how we end up doing
it is by doing a little manipulation of the system. We just take the
text output of our audit message (from the debug log) and place the
contents in the file that the MESA validation script looks at
(last_log.txt or something). It's not an optimal solution but I don't
think you'll get much traction from the IHE folks on changing the test
procedure this year.

-Matt


Takeo Satomi wrote:
> Thank you for the clarification, Matt. It was just the syslog server
> contained in MESA tool failed to receive the Node Authentication Failure
> message. I modified Bridge setting so that the syslog messages are
> sent to another daemon and could receive the log successfully.
>
> Even if the mesa syslog server had no problem I couldn't pass the test
> automatically though, since it expects the Node Authentication Failure
> message is the last message recorded in a single transaction while
> Bridge sends two more messages, Application Stop and Query. Should I
> ask them to modify the test script, or should I do some handiwork and
> ignore these little things? (I guess this kind of things had happend
> many times in past connectathons and you managed them eventually...)
>
> Thanks,
> Takeo Satomi
>
> Matthew Davis wrote:
>
>> Hi Takeo,
>
>> The transport layer of OHF (below the Bridge - inside of the IHE
>> plug-in code) will take care of the NodeAuthenticationFailure. It is
>> not something that your application should need an API in the Bridge
>> nor should you need to handle it - unless you're only using partial
>> functionality of the Bridge and writing your own IHE code as well. If
>> there is a need for a NodeAuthenticationFailure operation in the
>> Bridge, we can add it.
>
>> The NodeAuthenticationFaliure message should be generated
>> automatically after any handshake failure when using OHF for PIX, PDQ,
>> or XDS. If you want, please submit a log of the transaction message
>> and we'll see what's going on.
>
>> Thanks,
>> -Matt
>
>
>> Takeo Satomi wrote:
>>> Greetings, all.
>>>
>>> I tried the pre-connectathon test #1222 which requires my
>>> Bridge-based client to generate a Node Authentication Failure audit
>>> message but I see no operations in the service available for the
>>> messaging. Instead I confirmed just the Query message is sent even
>>> if the handshake between the mesa server and the Bridge is not
>>> successful.
>>>
>>> Do you have a plan to implement the messaging capability with Bridge,
>>> or do I have to handle SunCertPathBuilderException or similar errors
>>> and generate the message on my own?
>>>
>>> Thanks,
>>> Takeo Satomi
>
>
Previous Topic:Hash, Size and URI missing in metadata
Next Topic:Major new IHE/Bridge build for Connectathon now available
Goto Forum:
  


Current Time: Thu Aug 28 23:34:14 EDT 2014

Powered by FUDForum. Page generated in 0.12837 seconds