What does it mean when trusted-auth return "-1"?

As part of trusted auth there are two ways to obtain tickets, each with a slightly different
set of parameters:

  • Method 1 - Ticket granting user
    The ticket request includes the Arcadia username and password for the trusted ticket granter. The ticket granting user account should normally not be an admin/superuser account.

    Example Ticket Request

    curl --data "username=tguser" http://127.0.0.1:8000/arc/trustedauth/getticket
    Ticket Returned: cYvvmRSHSWOOWNCOeve1vA

  • Method 2 - Trusted IP
    The Parent app server is included as part of a list of trusted IPs. In this case, the POST request would only include the Arcadia username – the ticket granting user is not required.

    Example Ticket Request

    curl --data \ "username=arcuser&truserusername=ticketgranter&trustedpassword=trustedpass" \ http://127.0.0.1:8000/arc/trustedauth/getticket
    Ticket Returned: cYvvmRSHSWOOWNCOeve1vA

In the process of obtaining the ticket , the Arcadia server validates the ticket request. If the request is valid and authorized the Arcadia server creates a Ticket and returns it as response to the POST. If there is an error it will return "-1".

So let’s say you have incorrect password, or you don’t have a trusted user configured at all, then the ticket request will return -1 indicating an error was encountered.

curl --data \ "username=arcuser&truserusername=ticketgranter&trustedpassword=trustedpass" \ http://127.0.0.1:8000/arc/trustedauth/getticket
Ticket Returned: -1

At that point you should double check your trusted auth configuration
http://documentation.arcadiadata.com/#pages/topics/trusted-server-config.html#trusted-server-config

1 Like