Delete UNIQUE contraint on subject_dn column

of iam_x509_cert because it causes certificate duplication error with same dn but different issuer
indigo-iam · Nov 23, 2023 · 9be053f · 9be053f
1 parent 2c11a7c
commit 9be053f
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 1 deletion.
diff --git a/.../src/test/java/it/infn/mw/iam/test/ext_authn/x509/X509AuthenticationIntegrationTests.java b/.../src/test/java/it/infn/mw/iam/test/ext_authn/x509/X509AuthenticationIntegrationTests.java
@@ -219,6 +219,9 @@ public void testx509AccountLinking() throws Exception {
     .andExpect(
         flash().attribute(ACCOUNT_LINKING_DASHBOARD_MESSAGE_KEY, equalTo(confirmationMsg)));
 
+    linkedAccount = iamAccountRepo.findByUsername("test")
+        .orElseThrow(() -> new AssertionFailedError("Expected user linked to certificate not found"));
+
      assertThat(linkedAccount.getX509Certificates().size(), is(2));
 
   }

diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/ext_authn/x509/X509TestSupport.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/ext_authn/x509/X509TestSupport.java
@@ -365,7 +365,7 @@ private HttpHeaders test2SSLHeaders(boolean verified, String verificationError)
   private HttpHeaders test1SSLHeaders(boolean verified, String verificationError) {
     HttpHeaders headers = new HttpHeaders();
     headers.add(DefaultX509AuthenticationCredentialExtractor.Headers.CLIENT_CERT.getHeader(),
-        TEST_0_CERT_STRING_NGINX);
+        TEST_1_CERT_STRING_NGINX);
 
     headers.add(DefaultX509AuthenticationCredentialExtractor.Headers.SUBJECT.getHeader(),
         TEST_0_SUBJECT);

diff --git a/iam-persistence/src/main/resources/db/migration/mysql/V97__delete_unique_subject_dn.sql b/iam-persistence/src/main/resources/db/migration/mysql/V97__delete_unique_subject_dn.sql
@@ -0,0 +1,2 @@
+-- Drop unique constraint on subject dn
+ALTER TABLE iam_x509_cert DROP INDEX subject_dn;
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		-- Drop unique constraint on subject dn
		ALTER TABLE iam_x509_cert DROP INDEX subject_dn;