You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Ralf Hauser (JIRA)" <ji...@apache.org> on 2006/10/25 06:38:16 UTC
[jira] Created: (DIRSERVER-768) privide debug output in
org.apache.directory.server.core.authn.AuthenticationService.checkAuthenticated()
privide debug output in org.apache.directory.server.core.authn.AuthenticationService.checkAuthenticated()
----------------------------------------------------------------------------------------------------------
Key: DIRSERVER-768
URL: http://issues.apache.org/jira/browse/DIRSERVER-768
Project: Directory ApacheDS
Issue Type: Bug
Affects Versions: 1.0
Environment: all
Reporter: Ralf Hauser
it would be very useful to know whether
- a principal was found at all
- if so, which one and
- whether it contained SECURITY_CREDENTIALS
This debug output furthermore could provide some more hint (url to a man page/readme) where to find more about the error codes such as
- "Loop detected (54)"
- or
ldap_bind: Internal (implementation specific) error (80)
additional info: Bind failed: Unexpected exception.
see also DIRSERVER-763
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (DIRSERVER-768) privide debug output in
org.apache.directory.server.core.authn.AuthenticationService.checkAuthenticated()
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-768?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny updated DIRSERVER-768:
----------------------------------------
Fix Version/s: (was: 1.5.0)
1.5.2
Not very simple to implement, unless we have some more contextual information. Not vital too. Postponed to 1.5.2
> privide debug output in org.apache.directory.server.core.authn.AuthenticationService.checkAuthenticated()
> ---------------------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-768
> URL: https://issues.apache.org/jira/browse/DIRSERVER-768
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.0
> Environment: all
> Reporter: Ralf Hauser
> Fix For: 1.5.2
>
>
> it would be very useful to know whether
> - a principal was found at all
> - if so, which one and
> - whether it contained SECURITY_CREDENTIALS
> This debug output furthermore could provide some more hint (url to a man page/readme) where to find more about the error codes such as
> - "Loop detected (54)"
> - or
> ldap_bind: Internal (implementation specific) error (80)
> additional info: Bind failed: Unexpected exception.
> see also DIRSERVER-763
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DIRSERVER-768) privide debug output in
org.apache.directory.server.core.authn.AuthenticationService.checkAuthenticated()
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-768?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny updated DIRSERVER-768:
----------------------------------------
Fix Version/s: 1.5.0
Sounds a good idea. However, it has been pusched to 1.5 ersion
> privide debug output in org.apache.directory.server.core.authn.AuthenticationService.checkAuthenticated()
> ---------------------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-768
> URL: https://issues.apache.org/jira/browse/DIRSERVER-768
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.0
> Environment: all
> Reporter: Ralf Hauser
> Fix For: 1.5.0
>
>
> it would be very useful to know whether
> - a principal was found at all
> - if so, which one and
> - whether it contained SECURITY_CREDENTIALS
> This debug output furthermore could provide some more hint (url to a man page/readme) where to find more about the error codes such as
> - "Loop detected (54)"
> - or
> ldap_bind: Internal (implementation specific) error (80)
> additional info: Bind failed: Unexpected exception.
> see also DIRSERVER-763
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DIRSERVER-768) privide debug output in
org.apache.directory.server.core.authn.AuthenticationService.checkAuthenticated()
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-768?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny updated DIRSERVER-768:
----------------------------------------
Fix Version/s: (was: 1.5.2)
1.5.3
Postponed again...
> privide debug output in org.apache.directory.server.core.authn.AuthenticationService.checkAuthenticated()
> ---------------------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-768
> URL: https://issues.apache.org/jira/browse/DIRSERVER-768
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.0
> Environment: all
> Reporter: Ralf Hauser
> Fix For: 1.5.3
>
>
> it would be very useful to know whether
> - a principal was found at all
> - if so, which one and
> - whether it contained SECURITY_CREDENTIALS
> This debug output furthermore could provide some more hint (url to a man page/readme) where to find more about the error codes such as
> - "Loop detected (54)"
> - or
> ldap_bind: Internal (implementation specific) error (80)
> additional info: Bind failed: Unexpected exception.
> see also DIRSERVER-763
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-768) privide debug output in
org.apache.directory.server.core.authn.AuthenticationService.checkAuthenticated()
Posted by "Ralf Hauser (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DIRSERVER-768?page=comments#action_12446047 ]
Ralf Hauser commented on DIRSERVER-768:
---------------------------------------
java.lang.IllegalStateException: Attempted operation by unauthenticated caller.
at org.apache.directory.server.core.authn.AuthenticationService.checkAuthenticated(AuthenticationService.java:434)
at org.apache.directory.server.core.authn.AuthenticationService.hasEntry(AuthenticationService.java:257)
at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.hasEntry(InterceptorChain.java:1326)
... 30 more
is what I am getting.
- what "operation" did it attempt to undertake?
- which caller? It appears that it is ServerLdapContext
- in ctx.env, there is a principal but apparently no Context.SECURITY_CREDENTIALS ("java.naming.security.credentials"), but this also should not cause the execption
{java.naming.factory.initial=org.apache.directory.server.jndi.ServerContextFactory, java.naming.provider.url=ou=system, java.naming.security.principal=uid=admin,ou=system, java.naming.security.authentication=simple, org.apache.directory.server.core.configuration.Configuration=org.apache.directory.server.configuration.MutableServerStartupConfiguration@883644, java.naming.ldap.attributes.binary=[bytecode, 1.2.6.1.4.1.18060.1.1.1.3.22, userpassword, 1.3.6.1.4.1.42.2.27.4.1.8, usersmimecertificate, deltarevocationlist, personalsignature, krb5key, 2.5.4.40, 1.3.6.1.4.1.3401.8.2.3, 0.9.2342.19200300.100.1.7, pgprecondata, 2.5.4.35, photo, crosscertificatepair, 1.3.6.1.4.1.3401.8.2.6, supportedalgorithms, pgpdata, 0.9.2342.19200300.100.1.55, 2.5.4.38, userpkcs12, 0.9.2342.19200300.100.1.60, javaserializeddata, 1.3.6.1.4.1.5322.10.1.10, 2.5.4.37, 2.16.840.1.113730.3.1.40, cacertificate, authorityrevocationlist, certificaterevocationlist, audio, jpegphoto, 2.5.4.52, 2.5.4.36, 2.16.840.1.113730.3.1.216, 2.5.4.53, 2.5.4.39, usercertificate, 0.9.2342.19200300.100.1.53]}
> privide debug output in org.apache.directory.server.core.authn.AuthenticationService.checkAuthenticated()
> ---------------------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-768
> URL: http://issues.apache.org/jira/browse/DIRSERVER-768
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.0
> Environment: all
> Reporter: Ralf Hauser
>
> it would be very useful to know whether
> - a principal was found at all
> - if so, which one and
> - whether it contained SECURITY_CREDENTIALS
> This debug output furthermore could provide some more hint (url to a man page/readme) where to find more about the error codes such as
> - "Loop detected (54)"
> - or
> ldap_bind: Internal (implementation specific) error (80)
> additional info: Bind failed: Unexpected exception.
> see also DIRSERVER-763
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (DIRSERVER-768) privide debug output in
org.apache.directory.server.core.authn.AuthenticationService.checkAuthenticated()
Posted by "Alex Karasulu (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-768?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12475474 ]
Alex Karasulu commented on DIRSERVER-768:
-----------------------------------------
How about a patch attachment Ralf?
> privide debug output in org.apache.directory.server.core.authn.AuthenticationService.checkAuthenticated()
> ---------------------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-768
> URL: https://issues.apache.org/jira/browse/DIRSERVER-768
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.0
> Environment: all
> Reporter: Ralf Hauser
> Fix For: 1.5.0
>
>
> it would be very useful to know whether
> - a principal was found at all
> - if so, which one and
> - whether it contained SECURITY_CREDENTIALS
> This debug output furthermore could provide some more hint (url to a man page/readme) where to find more about the error codes such as
> - "Loop detected (54)"
> - or
> ldap_bind: Internal (implementation specific) error (80)
> additional info: Bind failed: Unexpected exception.
> see also DIRSERVER-763
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (DIRSERVER-768) privide debug output in
org.apache.directory.server.core.authn.AuthenticationService.checkAuthenticated()
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-768?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny resolved DIRSERVER-768.
-----------------------------------------
Resolution: Fixed
Some log has been added so that the Principal and the Operation are dumped if some unauthenticated user tries to do something not allowed.
The Credentials is never kept in memory for security reasons, so it's always discared and can't be dumped.
Fixed in
http://svn.apache.org/viewvc?rev=655571&view=rev
http://svn.apache.org/viewvc?rev=655572&view=rev
> privide debug output in org.apache.directory.server.core.authn.AuthenticationService.checkAuthenticated()
> ---------------------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-768
> URL: https://issues.apache.org/jira/browse/DIRSERVER-768
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.0
> Environment: all
> Reporter: Ralf Hauser
> Fix For: 1.5.3
>
>
> it would be very useful to know whether
> - a principal was found at all
> - if so, which one and
> - whether it contained SECURITY_CREDENTIALS
> This debug output furthermore could provide some more hint (url to a man page/readme) where to find more about the error codes such as
> - "Loop detected (54)"
> - or
> ldap_bind: Internal (implementation specific) error (80)
> additional info: Bind failed: Unexpected exception.
> see also DIRSERVER-763
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (DIRSERVER-768) privide debug output in
org.apache.directory.server.core.authn.AuthenticationService.checkAuthenticated()
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-768?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny closed DIRSERVER-768.
---------------------------------------
closed
> privide debug output in org.apache.directory.server.core.authn.AuthenticationService.checkAuthenticated()
> ---------------------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-768
> URL: https://issues.apache.org/jira/browse/DIRSERVER-768
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.0
> Environment: all
> Reporter: Ralf Hauser
> Fix For: 1.5.3
>
>
> it would be very useful to know whether
> - a principal was found at all
> - if so, which one and
> - whether it contained SECURITY_CREDENTIALS
> This debug output furthermore could provide some more hint (url to a man page/readme) where to find more about the error codes such as
> - "Loop detected (54)"
> - or
> ldap_bind: Internal (implementation specific) error (80)
> additional info: Bind failed: Unexpected exception.
> see also DIRSERVER-763
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.