You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Nikola Goran Cutura (JIRA)" <ji...@apache.org> on 2006/08/23 12:14:13 UTC
[jira] Created: (DIRSERVER-715) Unable to match entry by X.509
certificate
Unable to match entry by X.509 certificate
------------------------------------------
Key: DIRSERVER-715
URL: http://issues.apache.org/jira/browse/DIRSERVER-715
Project: Directory ApacheDS
Issue Type: Bug
Components: ldap
Affects Versions: 1.0-RC3
Environment: Windows XP, Intel Pentium 4
Reporter: Nikola Goran Cutura
Attachments: no-binary.log, with-binary.log
There is an entry containing valid X.509 certificate. When I attempt to find that entry by that certificate, search fails. There are two variants of search: one uses 'userCrtificate' attribute name and the other uses 'userCrtificate;certificate' attribute name ('binary' may be specified instead of 'certiifcate' - no change). Attached are log files produced in each of the search attempts.
Case 1:
Java statement:
NamingEnumeration results = ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com", "userCertificate = {0}", new Object[] {cert}, constraints);
produces log as in file ' no-binary.log'
Case 2:
Java statement:
NamingEnumeration results = ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com", "userCertificate;binary = {0}", new Object[] {cert}, constraints);
produces log as in file 'with-binary.log'
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Assigned: (DIRSERVER-715) Unable to match entry by X.509
certificate
Posted by "Alex Karasulu (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DIRSERVER-715?page=all ]
Alex Karasulu reassigned DIRSERVER-715:
---------------------------------------
Assignee: Alex Karasulu
> Unable to match entry by X.509 certificate
> ------------------------------------------
>
> Key: DIRSERVER-715
> URL: http://issues.apache.org/jira/browse/DIRSERVER-715
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Affects Versions: 1.0-RC3
> Environment: Windows XP, Intel Pentium 4
> Reporter: Nikola Goran Cutura
> Assigned To: Alex Karasulu
> Attachments: LdapTest.java, no-binary.log, test-export.pem, test.ldif, with-binary.log
>
>
> There is an entry containing valid X.509 certificate. When I attempt to find that entry by that certificate, search fails. There are two variants of search: one uses 'userCrtificate' attribute name and the other uses 'userCrtificate;certificate' attribute name ('binary' may be specified instead of 'certiifcate' - no change). Attached are log files produced in each of the search attempts.
> Case 1:
> Java statement:
> NamingEnumeration results = ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com", "userCertificate = {0}", new Object[] {cert}, constraints);
> produces log as in file ' no-binary.log'
> Case 2:
> Java statement:
> NamingEnumeration results = ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com", "userCertificate;binary = {0}", new Object[] {cert}, constraints);
> produces log as in file 'with-binary.log'
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (DIRSERVER-715) Unable to match entry by X.509
certificate
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DIRSERVER-715?page=comments#action_12430832 ]
Emmanuel Lecharny commented on DIRSERVER-715:
---------------------------------------------
I confirm, after modification in TwixTransformer, that it has been fixed. Thanks Alex for the great work !
> Unable to match entry by X.509 certificate
> ------------------------------------------
>
> Key: DIRSERVER-715
> URL: http://issues.apache.org/jira/browse/DIRSERVER-715
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Affects Versions: 1.0-RC3
> Environment: Windows XP, Intel Pentium 4
> Reporter: Nikola Goran Cutura
> Assigned To: Alex Karasulu
> Fix For: 1.1.0, 1.0-RC4
>
> Attachments: LdapTest.java, no-binary.log, test-export.pem, test.ldif, with-binary.log
>
>
> There is an entry containing valid X.509 certificate. When I attempt to find that entry by that certificate, search fails. There are two variants of search: one uses 'userCrtificate' attribute name and the other uses 'userCrtificate;certificate' attribute name ('binary' may be specified instead of 'certiifcate' - no change). Attached are log files produced in each of the search attempts.
> Case 1:
> Java statement:
> NamingEnumeration results = ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com", "userCertificate = {0}", new Object[] {cert}, constraints);
> produces log as in file ' no-binary.log'
> Case 2:
> Java statement:
> NamingEnumeration results = ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com", "userCertificate;binary = {0}", new Object[] {cert}, constraints);
> produces log as in file 'with-binary.log'
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (DIRSERVER-715) Unable to match entry by X.509
certificate
Posted by "Nikola Goran Cutura (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DIRSERVER-715?page=all ]
Nikola Goran Cutura updated DIRSERVER-715:
------------------------------------------
Attachment: LdapTest.java
test.ldif
test-export.pem
Attached are three files for testing:
test.ldif is a sample directory hierarchy I use for testing. It contains an entry with a certificate that I attempt to find.
test-export.pem is the certificate I use in this testing.
LdapTest is a jUnit test case. It tests whether the entry can be found by a text attribute (successful) and whether same entry can be found by the certificate (unsuccessful). Please update path to the certificate file before runnig the test.
> Unable to match entry by X.509 certificate
> ------------------------------------------
>
> Key: DIRSERVER-715
> URL: http://issues.apache.org/jira/browse/DIRSERVER-715
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Affects Versions: 1.0-RC3
> Environment: Windows XP, Intel Pentium 4
> Reporter: Nikola Goran Cutura
> Attachments: LdapTest.java, no-binary.log, test-export.pem, test.ldif, with-binary.log
>
>
> There is an entry containing valid X.509 certificate. When I attempt to find that entry by that certificate, search fails. There are two variants of search: one uses 'userCrtificate' attribute name and the other uses 'userCrtificate;certificate' attribute name ('binary' may be specified instead of 'certiifcate' - no change). Attached are log files produced in each of the search attempts.
> Case 1:
> Java statement:
> NamingEnumeration results = ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com", "userCertificate = {0}", new Object[] {cert}, constraints);
> produces log as in file ' no-binary.log'
> Case 2:
> Java statement:
> NamingEnumeration results = ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com", "userCertificate;binary = {0}", new Object[] {cert}, constraints);
> produces log as in file 'with-binary.log'
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Closed: (DIRSERVER-715) Unable to match entry by X.509
certificate
Posted by "Alex Karasulu (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DIRSERVER-715?page=all ]
Alex Karasulu closed DIRSERVER-715.
-----------------------------------
Fix Version/s: 1.1.0
1.0-RC4
Resolution: Fixed
Last bit's fixed by Emmanuel and we're golden. Please confirm.
> Unable to match entry by X.509 certificate
> ------------------------------------------
>
> Key: DIRSERVER-715
> URL: http://issues.apache.org/jira/browse/DIRSERVER-715
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Affects Versions: 1.0-RC3
> Environment: Windows XP, Intel Pentium 4
> Reporter: Nikola Goran Cutura
> Assigned To: Alex Karasulu
> Fix For: 1.1.0, 1.0-RC4
>
> Attachments: LdapTest.java, no-binary.log, test-export.pem, test.ldif, with-binary.log
>
>
> There is an entry containing valid X.509 certificate. When I attempt to find that entry by that certificate, search fails. There are two variants of search: one uses 'userCrtificate' attribute name and the other uses 'userCrtificate;certificate' attribute name ('binary' may be specified instead of 'certiifcate' - no change). Attached are log files produced in each of the search attempts.
> Case 1:
> Java statement:
> NamingEnumeration results = ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com", "userCertificate = {0}", new Object[] {cert}, constraints);
> produces log as in file ' no-binary.log'
> Case 2:
> Java statement:
> NamingEnumeration results = ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com", "userCertificate;binary = {0}", new Object[] {cert}, constraints);
> produces log as in file 'with-binary.log'
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (DIRSERVER-715) Unable to match entry by X.509
certificate
Posted by "Ersin Er (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DIRSERVER-715?page=comments#action_12429952 ]
Ersin Er commented on DIRSERVER-715:
------------------------------------
If possible a junit test case would also be good.
Thanks Nikola.
> Unable to match entry by X.509 certificate
> ------------------------------------------
>
> Key: DIRSERVER-715
> URL: http://issues.apache.org/jira/browse/DIRSERVER-715
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Affects Versions: 1.0-RC3
> Environment: Windows XP, Intel Pentium 4
> Reporter: Nikola Goran Cutura
> Attachments: no-binary.log, with-binary.log
>
>
> There is an entry containing valid X.509 certificate. When I attempt to find that entry by that certificate, search fails. There are two variants of search: one uses 'userCrtificate' attribute name and the other uses 'userCrtificate;certificate' attribute name ('binary' may be specified instead of 'certiifcate' - no change). Attached are log files produced in each of the search attempts.
> Case 1:
> Java statement:
> NamingEnumeration results = ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com", "userCertificate = {0}", new Object[] {cert}, constraints);
> produces log as in file ' no-binary.log'
> Case 2:
> Java statement:
> NamingEnumeration results = ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com", "userCertificate;binary = {0}", new Object[] {cert}, constraints);
> produces log as in file 'with-binary.log'
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (DIRSERVER-715) Unable to match entry by X.509
certificate
Posted by "Nikola Goran Cutura (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/DIRSERVER-715?page=comments#action_12432537 ]
Nikola Goran Cutura commented on DIRSERVER-715:
-----------------------------------------------
I downloaded 1.0RC4 preview, executed LdapTest and I report the following:
when search filter is specifid as
ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com", "usercertificate = {0}", new Object[] {cert}, constraints);
or
ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com", "usercertificate;binary = {0}", new Object[] {cert}, constraints);
nothing is returned and the test fails.
When search filter is specified as
ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com", "usercertificate = {0}", new Object[] {cert.getEncoded()}, constraints);
proper entry is returned and the test passes.
I can work with the latter though I believe the former is proper.
> Unable to match entry by X.509 certificate
> ------------------------------------------
>
> Key: DIRSERVER-715
> URL: http://issues.apache.org/jira/browse/DIRSERVER-715
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Affects Versions: 1.0-RC3
> Environment: Windows XP, Intel Pentium 4
> Reporter: Nikola Goran Cutura
> Assigned To: Alex Karasulu
> Fix For: 1.1.0, 1.0-RC4
>
> Attachments: LdapTest.java, no-binary.log, test-export.pem, test.ldif, with-binary.log
>
>
> There is an entry containing valid X.509 certificate. When I attempt to find that entry by that certificate, search fails. There are two variants of search: one uses 'userCrtificate' attribute name and the other uses 'userCrtificate;certificate' attribute name ('binary' may be specified instead of 'certiifcate' - no change). Attached are log files produced in each of the search attempts.
> Case 1:
> Java statement:
> NamingEnumeration results = ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com", "userCertificate = {0}", new Object[] {cert}, constraints);
> produces log as in file ' no-binary.log'
> Case 2:
> Java statement:
> NamingEnumeration results = ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com", "userCertificate;binary = {0}", new Object[] {cert}, constraints);
> produces log as in file 'with-binary.log'
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira