Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-3838

SOAP API requires un-encrypted password credential in Crowd 2.7.1

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Medium Medium
    • 2.7.2
    • 2.7.1
    • SOAP
    • None

      For about four years we have been running a script to keep our Crowd groups memberships and user attributes in sync with our LDAP directory. We discovered after upgrading Crowd on our dev and test apps that our script no longer works. We have narrowed the problem down to (at a minimum) the inability to authenticate. Here are two Python examples that illustrate the behavior.

      Using Crowd 2.7.0:

      ActivePython 2.6.5.14 (ActiveState Software Inc.) based on
      Python 2.6.5 (r265:79063, Jul  4 2010, 21:05:58) [MSC v.1500 32 bit (Intel)] on win32
      Type "help", "copyright", "credits" or "license" for more information.
      >>> import suds.client
      >>> url_wsdl_prd_fixed = "file:///D:/dryan/SE/SS/Crowd/2.7.1/crowd_ssi-crowd-prd_2.7.0_fixed.wsdl.xml"
      >>> c = suds.client.Client(url_wsdl_prd_fixed)
      >>> auth_context = c.factory.create("ns1:ApplicationAuthenticationContext")
      >>> auth_context.name = "ssp-sso-apps-prd"
      >>> auth_context.credential.credential = "<password>"
      >>> token = c.service.authenticateApplication(auth_context)
      >>> token
      (AuthenticatedToken){
         name = "ssp-sso-apps-prd"
         token = "BQw0rYa0zhf0j0ttVOnyWA00"
       }
      

      Using Crowd 2.7.1:

      ActivePython 2.6.5.14 (ActiveState Software Inc.) based on
      Python 2.6.5 (r265:79063, Jul  4 2010, 21:05:58) [MSC v.1500 32 bit (Intel)] on win32
      Type "help", "copyright", "credits" or "license" for more information.
      >>> import suds.client
      >>> url_wsdl_tst_fixed = "file:///D:/dryan/SE/SS/Crowd/2.7.1/crowd_ssi-crowd-tst_2.7.0_fixed.wsdl.xml"
      >>> c = suds.client.Client(url_wsdl_tst_fixed)
      >>> auth_context = c.factory.create("ns1:ApplicationAuthenticationContext")
      >>> auth_context.name = "ssp-sso-apps-tst"
      >>> auth_context.credential.credential = "<password>"
      >>> token = c.service.authenticateApplication(auth_context)
      No handlers could be found for logger "suds.client"
      Traceback (most recent call last):
        File "<stdin>", line 1, in <module>
        File "C:\Applications\Python26\lib\site-packages\suds-0.3.9-py2.6.egg\suds\client.py", line 539, in __call__
          return client.invoke(args, kwargs)
        File "C:\Applications\Python26\lib\site-packages\suds-0.3.9-py2.6.egg\suds\client.py", line 598, in invoke
          result = self.send(msg)
        File "C:\Applications\Python26\lib\site-packages\suds-0.3.9-py2.6.egg\suds\client.py", line 633, in send
          result = self.failed(binding, e)
        File "C:\Applications\Python26\lib\site-packages\suds-0.3.9-py2.6.egg\suds\client.py", line 684, in failed
          r, p = binding.get_fault(reply)
        File "C:\Applications\Python26\lib\site-packages\suds-0.3.9-py2.6.egg\suds\bindings\binding.py", line 238, in get_fault
          raise WebFault(p, faultroot)
      suds.WebFault: Server raised fault: 'Couldn't set property {http://authentication.integration.crowd.atlassian.com}credential on com.atlassian.crowd.integration.authentication.Appli
      cationAuthenticationContext@2cf8aa09[name=<null>,credential=<null>,validationFactors=<null>]. null'
      

      We tried taking a fresh 2.7.1 WSDL from http://ssi-crowd-tst.ptcnet.ptc.com:8095/crowd/services/SecurityServer?wsdl and applying the fixes referenced in https://jira.atlassian.com/browse/CWD-159 but no luck.

      Before we invest in a development effort to use Crowd's newer REST API instead of the SOAP API, we wanted to see if either this a truly a bug in the new Crowd version or whether there is some change we could make on our side to get our script to work.

      Thanks,
      SSI Team

        1. crowd-2.7.1-wsdl-fixed.wsd
          125 kB
        2. cwd-3838-test.py
          1 kB

              ckrieger Caspar Krieger (Inactive)
              30fa40b9e6fe SSI Team
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: