cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1286
Views
3
Helpful
5
Replies

context getusername is always admin though there is no user admin and PAM enabled

spudukko
Cisco Employee
Cisco Employee

Whenever i get  username from service context on Java  , it returns admin

I have enabled pam authentication in ncs.conf and there is no aaa enabled and linux box had no user named admin and when i create my service using a user (XYZ) with pam authentication added to ncsadmin  , the username from context always returns admin

$ id -u admin

$ id: ‘admin’: no such user

admin@ncs% show aaa

No entries found.

[ok][2018-04-05 15:40:36]

ncs_cli -u xyz

set my service

ncs.conf

    <pam>

      <enabled>true</enabled>

      <service>common-auth</service>

    </pam>

here context is obtained from service:

   ServiceContextImpl contextImpl = (ServiceContextImpl) context;

   String ctxuser=contextImpl.getCurrentDpTrans().getUserInfo().getUserName();

when do a service from ncs_cli  using user XYZ , it should give username as XYZ instead of admin ..

I am missing something. Please help me in understanding

5 Replies 5

Dan.Sullivan
Cisco Employee
Cisco Employee

Hi,

NSO doesn't validate the user/password information when you execute a ncs_cli -u admin. Now if you were to ssh directly to NSO (I believe thats port 2024) then you won't be able to log in. NSO assumes the service its deployed on is secure. Its is expected "normal" NSO users won't access NSO through the ncs_cli command but rather direct ssh or programmatically

-Dan

Hi Dan,

Thanks for replying back. When we create a nso package and we have java logic establishing maapi session towards NSO, under what username  is it correct to establish session.

I believe we can use admin or system .  Is it possible not to hardcode a username  while establishing session and get it dynamically from nso environment.

Regards

Subramanian

You should dynamically get the username

-Dan

How to get the username dynamically ?

One more question, are you running with a system install or a local install of NSO?

-Dan