From d6b3aef35f6467a17e78deef7493bbc2db12c873 Mon Sep 17 00:00:00 2001
From: Juan Carlos Luciani <jluciani@novell.com>
Date: Fri, 18 May 2007 22:01:14 +0000
Subject: [PATCH] Added code so that the miCASA cache gets cleaned up for user
 casaatsd when updating the realm information for the ATS.

---
 .../yast2-casa-ats/src/CasaAts.ycp            | 37 ++++++++++++++-----
 1 file changed, 27 insertions(+), 10 deletions(-)

diff --git a/CASA-auth-token/yast2-casa-ats/src/CasaAts.ycp b/CASA-auth-token/yast2-casa-ats/src/CasaAts.ycp
index 12eba7af..f9482ce5 100644
--- a/CASA-auth-token/yast2-casa-ats/src/CasaAts.ycp
+++ b/CASA-auth-token/yast2-casa-ats/src/CasaAts.ycp
@@ -541,6 +541,30 @@ global boolean Write() {
 		if (exit != 0)
 			y2error("Failed to create " + iaRealmsFile);
 
+		// Obtain the uid of casaatsd
+		string uid = "";
+		ret = (map) SCR::Execute(.target.bash_output, "id -u casaatsd");
+		exit = ret["exit"]:-1;
+		if (exit == 0)
+		{
+			string cmd_output = ret["stdout"]:"";
+			list<string> uidComponents = splitstring(cmd_output, "\n");
+			uid = uidComponents[0]:"";
+			y2milestone("casaatsd uid = " + uid);
+
+			// Clear out the credentials that may have been saved in miCASA
+			// for this user.
+			cmd = sformat("CASAcli -r -u %1", uid);
+			ret = (map) SCR::Execute(.target.bash_output, cmd);
+			exit = ret["exit"]:-1;
+			if (exit != 0)
+				y2error("Failed to remove casaatsd credentials");
+		}
+		else
+		{
+			y2error("Failed to obtain casaatsd uid");
+		}
+
 		// Add the real information to auth.policy and iaRealms.xml files
 		map<string, map> realms = (map<string, map>) CasaAts::Settings["CONFIG_CASAATS_REALMS"]:$[];
 		foreach (string key, map realm, realms, {
@@ -589,16 +613,9 @@ global boolean Write() {
 			if (exit != 0)
 				y2error("Failed to set realm " + realmId);
 
-			// Obtain the uid of casaatsd
-			ret = (map) SCR::Execute(.target.bash_output, "id -u casaatsd");
-			exit = ret["exit"]:-1;
-			if (exit == 0)
+			// Save Proxy User Credentials in miCASA if we have the uid of casaatsd
+			if (uid != "")
 			{
-				string cmd_output = ret["stdout"]:"";
-				list<string> uidComponents = splitstring(cmd_output, "\n");
-				string uid = uidComponents[0]:"";
-				y2milestone("casaatsd uid = " + uid);
-
 				// Set the Proxy User Credentials in miCASA
 				cmd = sformat("KEYVALUE=\"%1\" CASAcli -s -u %2 -n %3 -k CN", proxy_username, uid, realmId);
 				ret = (map) SCR::Execute(.target.bash_output, cmd);
@@ -614,7 +631,7 @@ global boolean Write() {
 			}
 			else
 			{
-				y2error("Failed to obtain casaatsd uid");
+				y2error("Not setting proxy credentials in miCASA due to blank uid");
 			}
 		});