04-05-2018 03:19 PM - edited 03-01-2019 04:08 AM
Whenever i get username from service context on Java , it returns admin
I have enabled pam authentication in ncs.conf and there is no aaa enabled and linux box had no user named admin and when i create my service using a user (XYZ) with pam authentication added to ncsadmin , the username from context always returns admin
$ id -u admin
$ id: ‘admin’: no such user
admin@ncs% show aaa
No entries found.
[ok][2018-04-05 15:40:36]
ncs_cli -u xyz
set my service
ncs.conf
<pam>
<enabled>true</enabled>
<service>common-auth</service>
</pam>
here context is obtained from service:
ServiceContextImpl contextImpl = (ServiceContextImpl) context;
String ctxuser=contextImpl.getCurrentDpTrans().getUserInfo().getUserName();
when do a service from ncs_cli using user XYZ , it should give username as XYZ instead of admin ..
I am missing something. Please help me in understanding
04-10-2018 09:53 AM
Hi,
NSO doesn't validate the user/password information when you execute a ncs_cli -u admin. Now if you were to ssh directly to NSO (I believe thats port 2024) then you won't be able to log in. NSO assumes the service its deployed on is secure. Its is expected "normal" NSO users won't access NSO through the ncs_cli command but rather direct ssh or programmatically
-Dan
04-10-2018 10:09 AM
Hi Dan,
Thanks for replying back. When we create a nso package and we have java logic establishing maapi session towards NSO, under what username is it correct to establish session.
I believe we can use admin or system . Is it possible not to hardcode a username while establishing session and get it dynamically from nso environment.
Regards
Subramanian
04-10-2018 11:00 AM
You should dynamically get the username
-Dan
04-10-2018 11:06 AM
How to get the username dynamically ?
04-11-2018 06:26 PM
One more question, are you running with a system install or a local install of NSO?
-Dan
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the NSO Developer community: