You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Emmanuel Lecharny (JIRA)" <ji...@apache.org> on 2007/04/24 00:49:16 UTC
[jira] Created: (DIRSERVER-912) prescriptivACI OID is not registred
in registries
prescriptivACI OID is not registred in registries
-------------------------------------------------
Key: DIRSERVER-912
URL: https://issues.apache.org/jira/browse/DIRSERVER-912
Project: Directory ApacheDS
Issue Type: Bug
Affects Versions: 1.5.0
Reporter: Emmanuel Lecharny
Fix For: 1.5.1
When doing a attributeTypeRegistry.lookup( "2.5.24.4" ), we obtain a NPE, while attributeTypeRegistry.lookup( "prescriptiveACI" ) just return the correct AttributeType.
The problem is that the prescriptiveACI's OID is set to 1.3.6.1.4.1.18060.0.4.1.2.12, when it should be 2.5.24.4 (as stated here : http://www.alvestrand.no/objectid/2.5.24.4.html). Here are the declaration in the apache.schema file :
attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.12 NAME 'prescriptiveACI'
DESC 'Access control information that applies to a set of entries'
EQUALITY directoryStringFirstComponentMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.1
USAGE directoryOperation )
attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.13 NAME 'entryACI'
DESC 'Access control information that applies to a single entry'
EQUALITY directoryStringFirstComponentMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.1
USAGE directoryOperation )
attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.14 NAME 'subentryACI'
DESC 'Access control information that applies to a single subentry'
EQUALITY directoryStringFirstComponentMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.1
USAGE directoryOperation )
We can found RFC draft where those elements have a different OID (this draft was a previous version of RFC 2252)
http://tools.ietf.org/html/draft-ietf-asid-ldapv3-attributes-01 states :
"3.4. Standard Operational Attributes
These attributes are defined in X.501(1993) Annexes B through E. All
servers must recognize the attributes "createTimestamp",
"modifyTimestamp", "creatorsName", "modifiersName", "attributeTypes",
"objectClasses" and "subschemaSubentry". Servers implementing X.500
protocols must recognize all of the attributes listed here.
Attribute Type Name OID Syntax
==================== ============ ================
...
accessControlScheme 2.5.24.1 OID
prescriptiveACI 2.5.24.4 ACIItem
entryACI 2.5.24.5 ACIItem
subentryACI 2.5.24.6 ACIItem"
I would sugggest we switch to those OID numbers, to avoid potential problem later (OID are unique if we use Apache OIDs, but as name should not collide either, better fixing this now.)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (DIRSERVER-912) prescriptivACI OID is not registred
in registries
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-912?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny closed DIRSERVER-912.
---------------------------------------
> prescriptivACI OID is not registred in registries
> -------------------------------------------------
>
> Key: DIRSERVER-912
> URL: https://issues.apache.org/jira/browse/DIRSERVER-912
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.0
> Reporter: Emmanuel Lecharny
> Assigned To: Emmanuel Lecharny
> Fix For: 1.5.1
>
>
> When doing a attributeTypeRegistry.lookup( "2.5.24.4" ), we obtain a NPE, while attributeTypeRegistry.lookup( "prescriptiveACI" ) just return the correct AttributeType.
> The problem is that the prescriptiveACI's OID is set to 1.3.6.1.4.1.18060.0.4.1.2.12, when it should be 2.5.24.4 (as stated here : http://www.alvestrand.no/objectid/2.5.24.4.html). Here are the declaration in the apache.schema file :
> attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.12 NAME 'prescriptiveACI'
> DESC 'Access control information that applies to a set of entries'
> EQUALITY directoryStringFirstComponentMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.1
> USAGE directoryOperation )
> attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.13 NAME 'entryACI'
> DESC 'Access control information that applies to a single entry'
> EQUALITY directoryStringFirstComponentMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.1
> USAGE directoryOperation )
> attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.14 NAME 'subentryACI'
> DESC 'Access control information that applies to a single subentry'
> EQUALITY directoryStringFirstComponentMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.1
> USAGE directoryOperation )
> We can found RFC draft where those elements have a different OID (this draft was a previous version of RFC 2252)
> http://tools.ietf.org/html/draft-ietf-asid-ldapv3-attributes-01 states :
> "3.4. Standard Operational Attributes
> These attributes are defined in X.501(1993) Annexes B through E. All
> servers must recognize the attributes "createTimestamp",
> "modifyTimestamp", "creatorsName", "modifiersName", "attributeTypes",
> "objectClasses" and "subschemaSubentry". Servers implementing X.500
> protocols must recognize all of the attributes listed here.
> Attribute Type Name OID Syntax
> ==================== ============ ================
> ...
> accessControlScheme 2.5.24.1 OID
> prescriptiveACI 2.5.24.4 ACIItem
> entryACI 2.5.24.5 ACIItem
> subentryACI 2.5.24.6 ACIItem"
> I would sugggest we switch to those OID numbers, to avoid potential problem later (OID are unique if we use Apache OIDs, but as name should not collide either, better fixing this now.)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (DIRSERVER-912) prescriptivACI OID is not
registred in registries
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-912?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny resolved DIRSERVER-912.
-----------------------------------------
Resolution: Fixed
Assignee: Emmanuel Lecharny
Fixed in 1.5.1 :
http://svn.apache.org/viewvc?view=rev&rev=534471
The new OID is now used, so is ofr subentryACI and some more
> prescriptivACI OID is not registred in registries
> -------------------------------------------------
>
> Key: DIRSERVER-912
> URL: https://issues.apache.org/jira/browse/DIRSERVER-912
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.0
> Reporter: Emmanuel Lecharny
> Assigned To: Emmanuel Lecharny
> Fix For: 1.5.1
>
>
> When doing a attributeTypeRegistry.lookup( "2.5.24.4" ), we obtain a NPE, while attributeTypeRegistry.lookup( "prescriptiveACI" ) just return the correct AttributeType.
> The problem is that the prescriptiveACI's OID is set to 1.3.6.1.4.1.18060.0.4.1.2.12, when it should be 2.5.24.4 (as stated here : http://www.alvestrand.no/objectid/2.5.24.4.html). Here are the declaration in the apache.schema file :
> attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.12 NAME 'prescriptiveACI'
> DESC 'Access control information that applies to a set of entries'
> EQUALITY directoryStringFirstComponentMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.1
> USAGE directoryOperation )
> attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.13 NAME 'entryACI'
> DESC 'Access control information that applies to a single entry'
> EQUALITY directoryStringFirstComponentMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.1
> USAGE directoryOperation )
> attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.14 NAME 'subentryACI'
> DESC 'Access control information that applies to a single subentry'
> EQUALITY directoryStringFirstComponentMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.1
> USAGE directoryOperation )
> We can found RFC draft where those elements have a different OID (this draft was a previous version of RFC 2252)
> http://tools.ietf.org/html/draft-ietf-asid-ldapv3-attributes-01 states :
> "3.4. Standard Operational Attributes
> These attributes are defined in X.501(1993) Annexes B through E. All
> servers must recognize the attributes "createTimestamp",
> "modifyTimestamp", "creatorsName", "modifiersName", "attributeTypes",
> "objectClasses" and "subschemaSubentry". Servers implementing X.500
> protocols must recognize all of the attributes listed here.
> Attribute Type Name OID Syntax
> ==================== ============ ================
> ...
> accessControlScheme 2.5.24.1 OID
> prescriptiveACI 2.5.24.4 ACIItem
> entryACI 2.5.24.5 ACIItem
> subentryACI 2.5.24.6 ACIItem"
> I would sugggest we switch to those OID numbers, to avoid potential problem later (OID are unique if we use Apache OIDs, but as name should not collide either, better fixing this now.)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.