You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Shawn McKinney (JIRA)" <ji...@apache.org> on 2015/04/23 04:38:38 UTC
[jira] [Comment Edited] (FC-33) AuditMgr.getUserAuthZ cannot pull
back faileOnly
[ https://issues.apache.org/jira/browse/FC-33?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14508335#comment-14508335 ]
Shawn McKinney edited comment on FC-33 at 4/23/15 2:38 AM:
-----------------------------------------------------------
Trace request/response for each test case:
Successful compare operation:
openldap running local env with suffix dc=example,dc=com
2015-04-22 21:23:022 DEBUG CODEC_LOG:87 - Encoded message
MessageType : COMPARE_REQUEST
Message ID : 30
Compare request
Entry : 'ftOpNm=top3_1,ftObjNm=tob3_1,ou=Permissions,ou=RBAC,dc=example,dc=com'
Attribute description : 'ftopnm'
Attribute value : 'TOP3_1%failed%org.apache.directory.api.ldap.model.message.CompareRequestImpl@25012e14 Proxied Authz Control
oid : 2.16.840.1.113730.3.4.18
critical : true
authzid : 'dn: uid=jtsUser1,ou=People,dc=example,dc=com'
Message ID : 30
Compare Response
Ldap Result
Result code : (COMPARE_FALSE) compareFalse
Matched Dn : ''
Diagnostic message : ''
Unsuccessful compare operation
openldap running docker container with suffix dc=openldap,dc=org
2015-04-22 21:31:024 DEBUG CODEC_LOG:87 - Encoded message
MessageType : COMPARE_REQUEST
Message ID : 30
Compare request
Entry : 'ftOpNm=top3_1,ftObjNm=tob3_1,ou=Permissions,ou=RBAC,dc=openldap,dc=org'
Attribute description : 'ftopnm'
Attribute value : 'TOP3_1%failed%org.apache.directory.api.ldap.model.message.CompareRequestImpl@8d0d7923 Proxied Authz Control
oid : 2.16.840.1.113730.3.4.18
critical : true
authzid : 'dn: uid=jtsUser1,ou=People,dc=openldap,dc=org'
Message ID : 30
Compare Response
Ldap Result
Result code : (NO_SUCH_OBJECT) noSuchObject
Matched Dn : ''
Diagnostic message : ''
was (Author: smckinney):
Trace request/response for each test case:
Successfull compare operation:
2015-04-22 21:23:022 DEBUG CODEC_LOG:87 - Encoded message
MessageType : COMPARE_REQUEST
Message ID : 30
Compare request
Entry : 'ftOpNm=top3_1,ftObjNm=tob3_1,ou=Permissions,ou=RBAC,dc=example,dc=com'
Attribute description : 'ftopnm'
Attribute value : 'TOP3_1%failed%org.apache.directory.api.ldap.model.message.CompareRequestImpl@25012e14 Proxied Authz Control
oid : 2.16.840.1.113730.3.4.18
critical : true
authzid : 'dn: uid=jtsUser1,ou=People,dc=example,dc=com'
Message ID : 30
Compare Response
Ldap Result
Result code : (COMPARE_FALSE) compareFalse
Matched Dn : ''
Diagnostic message : ''
Unsuccessful compare operation
2015-04-22 21:31:024 DEBUG CODEC_LOG:87 - Encoded message
MessageType : COMPARE_REQUEST
Message ID : 30
Compare request
Entry : 'ftOpNm=top3_1,ftObjNm=tob3_1,ou=Permissions,ou=RBAC,dc=openldap,dc=org'
Attribute description : 'ftopnm'
Attribute value : 'TOP3_1%failed%org.apache.directory.api.ldap.model.message.CompareRequestImpl@8d0d7923 Proxied Authz Control
oid : 2.16.840.1.113730.3.4.18
critical : true
authzid : 'dn: uid=jtsUser1,ou=People,dc=openldap,dc=org'
Message ID : 30
Compare Response
Ldap Result
Result code : (NO_SUCH_OBJECT) noSuchObject
Matched Dn : ''
Diagnostic message : ''
> AuditMgr.getUserAuthZ cannot pull back faileOnly
> ------------------------------------------------
>
> Key: FC-33
> URL: https://issues.apache.org/jira/browse/FC-33
> Project: FORTRESS
> Issue Type: Bug
> Affects Versions: 1.0.0-RC39
> Reporter: Shawn McKinney
> Fix For: 1.0.0
>
>
> This search filter:
> filter += "(" + REQASSERTION + "=" + GlobalIds.AUTH_Z_FAILED_VALUE + ")";
> in AuditDAO.getAllAuthZs does not work. It appears the reqAssertion attribute cannot be searched on within the auditCompare object class. Have tested with ldapbrowser and does not pull back entries. Will need to come up with a work around.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)