Skip to content

2 Features: junctions [ltpa] + junctions_servers [local_ip] #181

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

2 Features: junctions [ltpa] + junctions_servers [local_ip] #181

wants to merge 3 commits into from

Conversation

svetterIO
Copy link
Contributor

+1 Function: Compare LTPA files for idempotency on junction creation
+1 Feature: add local_ip as possible junction parameter

  • 1 typo in comment of entry.py

@svetterIO
2 Features: junctions [ltpa] + junctions_servers [local_ip]
9e738a5 
+1 Function: Compare LTPA files for idempotency on junction creation
+1 Feature: add local_ip as possible junction parameter
+ 1 typo in comment of entry.py
@svetterIO svetterIO mentioned this pull request Aug 15, 2019
Closed
@ram-ibm
Copy link
Collaborator

ram-ibm commented Oct 1, 2019

Please plan to use "ignore_password_for_idempotency" for skipping idempotency check for passwords that we cannot compare. I'll update code for ltpa_keyfile_password.

local_ip is not documented in the KnowldgeCenter. Which version is that introduced from so we can add version checks please?

@svetterIO
Copy link
Contributor Author

Is this new parameter "ignore_password_for_idempotency" planed for all other classes as well or only for this junctions.py ? Because I used the same logic also in pull request https://github.com/IBM-Security/ibmsecurity/pull/177/commits for server connections ibmsecurity/isam/aac/server_connections in ci.py, jdbc.py, smtp.py, ws.py.

The local_ip parameter seems to be existing since isam 7.0 (https://www.ibm.com/support/knowledgecenter/de/SSPREK_7.0.0.1/com.ibm.isam.doc_80/ameb_webseal_appl_guide/task/tsk_junction_parameter_rtv.html). So version checking shouldn't be necessary.
I also checked v9.0.1 and local_ip is present:
image

@svetterIO
Fix: junctions.set -> use ignore_password_for_idempotency instead of …
f618ccf 
…force

Using ignore_password_for_idempotency  on set function for junction creation/modification instead of force parameter.

Same logic as already used for module_chains: (https://github.com/IBM-Security/ibmsecurity/blob/master/ibmsecurity/isam/fed/sts/module_chains.py)
@svetterIO
Merge branch 'master' into pull-request_reverse_proxy
1bde16a
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@svetterIO @ram-ibm