Watson Supply Chain Ideas

Use this form to submit an idea for a new product feature. The product team will review your input and provide status updates as decisions are made regarding the request.

Before you submit a new idea, please view requests that have already been submitted. If your idea has already been submitted, you can add comments or vote on the existing idea, thereby indicating your agreement with the idea. We may use this information to help prioritize development of new features.


Submit ideas for Watson Marketing and Watson Commerce products

Better SSH Key matching functionality

Currently in order to perform SSH Key-based SFTP authentication for trading partners using SSP and SEAS we utilize the preconfigured "VerifySSHPublicKey" Attribute Assertion, defined as "{sshPublicKey_b64}" == "{attr[sshPublicKeyQuery].sshPublicKey}"

As a result, in order to perform any key-based validation of users, the user's public key must be manually trimmed to remove the key type and comments before storing it in LDAP. For example, the key
"ssh-rsa AAAAB3NzaC1yc2...qhsNLP user@server1" must be trimmed down to just "AAAAB3NzaC1yc2...qhsNLP"

We are attempting to implement more self-service functionality in configuring new interfaces, and as such we require users to submit their own requests to add SSH keys to their LDAP account. Users regularly forget to perform the manual trimming of keys, or do it incorrectly, requiring additional manual intervention to correct the key in LDAP.

Ideally SEAS should be able to recognize a valid key in either the OpenSSH or SSH2 format and correctly compare only the key-portion of the string to the actual key provided on login. Failing that, it should be possible to configure wildcards in the Attribute assertion definitions, or add a "contains" comparison operator, so that we could create an assertion that would match if the key in LDAP contains the key that is provided at login, without it being an exact match.
  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Jan 8 2018
  • Under Consideration
How will this idea be used?
What is your industry?
What is the idea priority? High
DeveloperWorks ID DW_ID104721
Link to original RFE http://www.ibm.com/developerworks/rfe/execute?use_case=viewRfe&CR_ID=104721
  • Attach files