GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
OpenXPKI::Server::Workflow::Activity::Tools::ValidateChallengePassword(3) User Contributed Perl Documentation OpenXPKI::Server::Workflow::Activity::Tools::ValidateChallengePassword(3)

OpenXPKI::Server::Workflow::Activity::Tools::ValidateChallengePassword

Check the validity of the challenge password.

The activity is designed to run within "shared workflows" and reads the data source configuration details from a config path. The default path is $interface.$server.challenge which can be changed by setting the config_path parameter.

The result of the validation is written to the context key identified by target_key. The result is a literal 0 or 1 if the the check failed / was successful. If the given password is empty or undefined, the target key is deleted/not set.

challenge_password
The actual value of the password to check.
config_path
The path where to look up the data source config (see next section).

The default is equivalent to

  map_config_path: "[% context.interface %].[% context.server %].challenge"
target_key
The context key to store the evaluation result. The default is challenge_password_valid.
mode
Set the validation mode, one of "bind" or "literal" (default).

bind

If you want to check the password against without revealing information about it, use mode: bind.

  challenge:
    mode: bind
    value@: connector:scep.connectors.challenge
      args:
      - "[% context.cert_subject %]"

This will call the given connector with the cert_subject as path argument, the password is passed as parameter using the key "password", therefore you need to use a a special connector that can consume this extra section. The return value is evaluated in boolean context.

literal

Fetch the password from the given source and compare it against the given challenge. Supports only plain text password yet. Example for a mac address based challenge source (mac is passed using the url param feature).

  challenge:
    value@: connector:scep.connectors.challenge
      args:
      - "[% context.url_mac %]"

This will use the value returned from the connector at scep.connectors.challenge.00:11:22:33:44:55.

If you have a static password for all requests, use:

  challenge:
    value: mypassword
2022-05-14 perl v5.32.1
Search for    or go to Top of page |  Section 3 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.