Home » Archived » OHF » Bridge: Node-Authentication failure message (#1222)
|
Re: Bridge: Node-Authentication failure message (#1222) [message #37574 is a reply to message #37440] |
Tue, 20 November 2007 23:18 |
Matthew Davis Messages: 269 Registered: July 2009 |
Senior Member |
|
|
Hi Takeo,
The transport layer of OHF (below the Bridge - inside of the IHE plug-in
code) will take care of the NodeAuthenticationFailure. It is not
something that your application should need an API in the Bridge nor
should you need to handle it - unless you're only using partial
functionality of the Bridge and writing your own IHE code as well. If
there is a need for a NodeAuthenticationFailure operation in the Bridge,
we can add it.
The NodeAuthenticationFaliure message should be generated automatically
after any handshake failure when using OHF for PIX, PDQ, or XDS. If you
want, please submit a log of the transaction message and we'll see
what's going on.
Thanks,
-Matt
Takeo Satomi wrote:
> Greetings, all.
>
> I tried the pre-connectathon test #1222 which requires my Bridge-based
> client to generate a Node Authentication Failure audit message but I see
> no operations in the service available for the messaging. Instead I
> confirmed just the Query message is sent even if the handshake between
> the mesa server and the Bridge is not successful.
>
> Do you have a plan to implement the messaging capability with Bridge, or
> do I have to handle SunCertPathBuilderException or similar errors and
> generate the message on my own?
>
> Thanks,
> Takeo Satomi
>
>
|
|
|
Re: Bridge: Node-Authentication failure message (#1222) [message #37669 is a reply to message #37574] |
Wed, 21 November 2007 08:11 |
Takeo Satomi Messages: 32 Registered: July 2009 |
Member |
|
|
Thank you for the clarification, Matt. It was just the syslog server
contained in MESA tool failed to receive the Node Authentication Failure
message. I modified Bridge setting so that the syslog messages are sent
to another daemon and could receive the log successfully.
Even if the mesa syslog server had no problem I couldn't pass the test
automatically though, since it expects the Node Authentication Failure
message is the last message recorded in a single transaction while Bridge
sends two more messages, Application Stop and Query. Should I ask them
to modify the test script, or should I do some handiwork and ignore these
little things? (I guess this kind of things had happend many times in
past connectathons and you managed them eventually...)
Thanks,
Takeo Satomi
Matthew Davis wrote:
> Hi Takeo,
> The transport layer of OHF (below the Bridge - inside of the IHE plug-in
> code) will take care of the NodeAuthenticationFailure. It is not
> something that your application should need an API in the Bridge nor
> should you need to handle it - unless you're only using partial
> functionality of the Bridge and writing your own IHE code as well. If
> there is a need for a NodeAuthenticationFailure operation in the Bridge,
> we can add it.
> The NodeAuthenticationFaliure message should be generated automatically
> after any handshake failure when using OHF for PIX, PDQ, or XDS. If you
> want, please submit a log of the transaction message and we'll see
> what's going on.
> Thanks,
> -Matt
> Takeo Satomi wrote:
>> Greetings, all.
>>
>> I tried the pre-connectathon test #1222 which requires my Bridge-based
>> client to generate a Node Authentication Failure audit message but I see
>> no operations in the service available for the messaging. Instead I
>> confirmed just the Query message is sent even if the handshake between
>> the mesa server and the Bridge is not successful.
>>
>> Do you have a plan to implement the messaging capability with Bridge, or
>> do I have to handle SunCertPathBuilderException or similar errors and
>> generate the message on my own?
>>
>> Thanks,
>> Takeo Satomi
|
|
|
Re: Bridge: Node-Authentication failure message (#1222) [message #37698 is a reply to message #37669] |
Wed, 21 November 2007 20:05 |
Matthew Davis Messages: 269 Registered: July 2009 |
Senior Member |
|
|
Hi Takeo,
Excellent point on the MESA test tools - yes that's how we end up doing
it is by doing a little manipulation of the system. We just take the
text output of our audit message (from the debug log) and place the
contents in the file that the MESA validation script looks at
(last_log.txt or something). It's not an optimal solution but I don't
think you'll get much traction from the IHE folks on changing the test
procedure this year.
-Matt
Takeo Satomi wrote:
> Thank you for the clarification, Matt. It was just the syslog server
> contained in MESA tool failed to receive the Node Authentication Failure
> message. I modified Bridge setting so that the syslog messages are
> sent to another daemon and could receive the log successfully.
>
> Even if the mesa syslog server had no problem I couldn't pass the test
> automatically though, since it expects the Node Authentication Failure
> message is the last message recorded in a single transaction while
> Bridge sends two more messages, Application Stop and Query. Should I
> ask them to modify the test script, or should I do some handiwork and
> ignore these little things? (I guess this kind of things had happend
> many times in past connectathons and you managed them eventually...)
>
> Thanks,
> Takeo Satomi
>
> Matthew Davis wrote:
>
>> Hi Takeo,
>
>> The transport layer of OHF (below the Bridge - inside of the IHE
>> plug-in code) will take care of the NodeAuthenticationFailure. It is
>> not something that your application should need an API in the Bridge
>> nor should you need to handle it - unless you're only using partial
>> functionality of the Bridge and writing your own IHE code as well. If
>> there is a need for a NodeAuthenticationFailure operation in the
>> Bridge, we can add it.
>
>> The NodeAuthenticationFaliure message should be generated
>> automatically after any handshake failure when using OHF for PIX, PDQ,
>> or XDS. If you want, please submit a log of the transaction message
>> and we'll see what's going on.
>
>> Thanks,
>> -Matt
>
>
>> Takeo Satomi wrote:
>>> Greetings, all.
>>>
>>> I tried the pre-connectathon test #1222 which requires my
>>> Bridge-based client to generate a Node Authentication Failure audit
>>> message but I see no operations in the service available for the
>>> messaging. Instead I confirmed just the Query message is sent even
>>> if the handshake between the mesa server and the Bridge is not
>>> successful.
>>>
>>> Do you have a plan to implement the messaging capability with Bridge,
>>> or do I have to handle SunCertPathBuilderException or similar errors
>>> and generate the message on my own?
>>>
>>> Thanks,
>>> Takeo Satomi
>
>
|
|
|
Re: Bridge: Node-Authentication failure message (#1222) [message #583309 is a reply to message #37440] |
Tue, 20 November 2007 23:18 |
Matthew Davis Messages: 269 Registered: July 2009 |
Senior Member |
|
|
Hi Takeo,
The transport layer of OHF (below the Bridge - inside of the IHE plug-in
code) will take care of the NodeAuthenticationFailure. It is not
something that your application should need an API in the Bridge nor
should you need to handle it - unless you're only using partial
functionality of the Bridge and writing your own IHE code as well. If
there is a need for a NodeAuthenticationFailure operation in the Bridge,
we can add it.
The NodeAuthenticationFaliure message should be generated automatically
after any handshake failure when using OHF for PIX, PDQ, or XDS. If you
want, please submit a log of the transaction message and we'll see
what's going on.
Thanks,
-Matt
Takeo Satomi wrote:
> Greetings, all.
>
> I tried the pre-connectathon test #1222 which requires my Bridge-based
> client to generate a Node Authentication Failure audit message but I see
> no operations in the service available for the messaging. Instead I
> confirmed just the Query message is sent even if the handshake between
> the mesa server and the Bridge is not successful.
>
> Do you have a plan to implement the messaging capability with Bridge, or
> do I have to handle SunCertPathBuilderException or similar errors and
> generate the message on my own?
>
> Thanks,
> Takeo Satomi
>
>
|
|
|
Re: Bridge: Node-Authentication failure message (#1222) [message #583347 is a reply to message #37574] |
Wed, 21 November 2007 08:11 |
Takeo Satomi Messages: 32 Registered: July 2009 |
Member |
|
|
Thank you for the clarification, Matt. It was just the syslog server
contained in MESA tool failed to receive the Node Authentication Failure
message. I modified Bridge setting so that the syslog messages are sent
to another daemon and could receive the log successfully.
Even if the mesa syslog server had no problem I couldn't pass the test
automatically though, since it expects the Node Authentication Failure
message is the last message recorded in a single transaction while Bridge
sends two more messages, Application Stop and Query. Should I ask them
to modify the test script, or should I do some handiwork and ignore these
little things? (I guess this kind of things had happend many times in
past connectathons and you managed them eventually...)
Thanks,
Takeo Satomi
Matthew Davis wrote:
> Hi Takeo,
> The transport layer of OHF (below the Bridge - inside of the IHE plug-in
> code) will take care of the NodeAuthenticationFailure. It is not
> something that your application should need an API in the Bridge nor
> should you need to handle it - unless you're only using partial
> functionality of the Bridge and writing your own IHE code as well. If
> there is a need for a NodeAuthenticationFailure operation in the Bridge,
> we can add it.
> The NodeAuthenticationFaliure message should be generated automatically
> after any handshake failure when using OHF for PIX, PDQ, or XDS. If you
> want, please submit a log of the transaction message and we'll see
> what's going on.
> Thanks,
> -Matt
> Takeo Satomi wrote:
>> Greetings, all.
>>
>> I tried the pre-connectathon test #1222 which requires my Bridge-based
>> client to generate a Node Authentication Failure audit message but I see
>> no operations in the service available for the messaging. Instead I
>> confirmed just the Query message is sent even if the handshake between
>> the mesa server and the Bridge is not successful.
>>
>> Do you have a plan to implement the messaging capability with Bridge, or
>> do I have to handle SunCertPathBuilderException or similar errors and
>> generate the message on my own?
>>
>> Thanks,
>> Takeo Satomi
|
|
|
Re: Bridge: Node-Authentication failure message (#1222) [message #583368 is a reply to message #37669] |
Wed, 21 November 2007 20:05 |
Matthew Davis Messages: 269 Registered: July 2009 |
Senior Member |
|
|
Hi Takeo,
Excellent point on the MESA test tools - yes that's how we end up doing
it is by doing a little manipulation of the system. We just take the
text output of our audit message (from the debug log) and place the
contents in the file that the MESA validation script looks at
(last_log.txt or something). It's not an optimal solution but I don't
think you'll get much traction from the IHE folks on changing the test
procedure this year.
-Matt
Takeo Satomi wrote:
> Thank you for the clarification, Matt. It was just the syslog server
> contained in MESA tool failed to receive the Node Authentication Failure
> message. I modified Bridge setting so that the syslog messages are
> sent to another daemon and could receive the log successfully.
>
> Even if the mesa syslog server had no problem I couldn't pass the test
> automatically though, since it expects the Node Authentication Failure
> message is the last message recorded in a single transaction while
> Bridge sends two more messages, Application Stop and Query. Should I
> ask them to modify the test script, or should I do some handiwork and
> ignore these little things? (I guess this kind of things had happend
> many times in past connectathons and you managed them eventually...)
>
> Thanks,
> Takeo Satomi
>
> Matthew Davis wrote:
>
>> Hi Takeo,
>
>> The transport layer of OHF (below the Bridge - inside of the IHE
>> plug-in code) will take care of the NodeAuthenticationFailure. It is
>> not something that your application should need an API in the Bridge
>> nor should you need to handle it - unless you're only using partial
>> functionality of the Bridge and writing your own IHE code as well. If
>> there is a need for a NodeAuthenticationFailure operation in the
>> Bridge, we can add it.
>
>> The NodeAuthenticationFaliure message should be generated
>> automatically after any handshake failure when using OHF for PIX, PDQ,
>> or XDS. If you want, please submit a log of the transaction message
>> and we'll see what's going on.
>
>> Thanks,
>> -Matt
>
>
>> Takeo Satomi wrote:
>>> Greetings, all.
>>>
>>> I tried the pre-connectathon test #1222 which requires my
>>> Bridge-based client to generate a Node Authentication Failure audit
>>> message but I see no operations in the service available for the
>>> messaging. Instead I confirmed just the Query message is sent even
>>> if the handshake between the mesa server and the Bridge is not
>>> successful.
>>>
>>> Do you have a plan to implement the messaging capability with Bridge,
>>> or do I have to handle SunCertPathBuilderException or similar errors
>>> and generate the message on my own?
>>>
>>> Thanks,
>>> Takeo Satomi
>
>
|
|
|
Goto Forum:
Current Time: Sat Sep 21 05:43:34 GMT 2024
Powered by FUDForum. Page generated in 0.04636 seconds
|