You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@directory.apache.org by Paul Edwards <Pa...@hyro.com> on 2009/05/19 05:40:15 UTC
Embedded apacheds Again!!!
Guys,
Another quick query....
I have need to modify the schema. I have everything running smoothly (see previous posts to this group...) I have a situation where I need to extend InetOrgPerson. I have this scenario running successfully under OpenLdap. So I modify ou=schema in apacheDS with:
dn: m-oid=2.16.840.1.113730.3.2.22.249, ou=attributeTypes, cn=inetorgperson, ou=schema
m-oid: 2.16.840.1.113730.3.2.22.249
m-substr: caseIgnoreSubstringsMatch
m-syntax: 1.3.6.1.4.1.1466.115.121.1.15
m-equality: caseIgnoreMatch
m-singleValue: TRUE
m-name: accountStatus
m-collective: FALSE
m-obsolete: FALSE
m-usage: USER_APPLICATIONS
objectClass: metaAttributeType
objectClass: metaTop
objectClass: top
m-noUserModification: FALSE
m-description: Account Status
dn: m-oid=2.16.840.1.113730.3.2.22, ou=objectClasses, cn=inetorgperson, ou=schema
m-oid: 2.16.840.1.113730.3.2.22
m-obsolete: FALSE
m-may: accountStatus
objectClass: metaObjectClass
objectClass: metaTop
objectClass: top
m-typeObjectClass: STRUCTURAL
m-name: extendPerson
m-supObjectClass: inetOrgPerson
m-description: Extended InetOrgPerson
I can then connect to the apacheDS with third party ldap tools and see that these changes are present.
I then try to add:
dn: cn=pedwards,ou=People,dc=testdomain,dc=co,dc=nz
objectclass: top
objectclass: extendPerson
uid: pedwards
sn: Edwards
cn: pedwards
initials: PE
And I get:
LDAP: error code 65 - OBJECT_CLASS_VIOLATION: failed for Add Request
Attribute initials not declared in objectClasses of entry cn=pedwards,ou=People,dc=testdomain,dc=co,dc=nz
However if I use inetOrgPerson instead of extendPerson, the ldif goes in fine. It seems to me that its ignoring the fact that extendPerson extends inetOrgPerson.
org.apache.directory.shared.ldap.exception.LdapSchemaViolationException: Attribute initials not declared in objectClasses of entry cn=pedwards,ou=People,dc=testdomain,dc=co,dc=nz
at org.apache.directory.server.core.schema.SchemaInterceptor.assertAllAttributesAllowed(SchemaInterceptor.java:1829)
at org.apache.directory.server.core.schema.SchemaInterceptor.check(SchemaInterceptor.java:1703)
at org.apache.directory.server.core.schema.SchemaInterceptor.add(SchemaInterceptor.java:1787)
at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
at org.apache.directory.server.core.operational.OperationalAttributeInterceptor.add(OperationalAttributeInterceptor.java:202)
at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
at org.apache.directory.server.core.changelog.ChangeLogInterceptor.add(ChangeLogInterceptor.java:109)
at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
at org.apache.directory.server.core.exception.ExceptionInterceptor.add(ExceptionInterceptor.java:220)
at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
at org.apache.directory.server.core.interceptor.BaseInterceptor.add(BaseInterceptor.java:129)
at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
at org.apache.directory.server.core.authz.AciAuthorizationInterceptor.add(AciAuthorizationInterceptor.java:448)
at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
at org.apache.directory.server.core.referral.ReferralInterceptor.add(ReferralInterceptor.java:251)
at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
at org.apache.directory.server.core.authn.AuthenticationInterceptor.add(AuthenticationInterceptor.java:212)
at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
at org.apache.directory.server.core.normalization.NormalizationInterceptor.add(NormalizationInterceptor.java:117)
at org.apache.directory.server.core.interceptor.InterceptorChain.add(InterceptorChain.java:756)
at org.apache.directory.server.core.DefaultOperationManager.add(DefaultOperationManager.java:260)
at org.apache.directory.server.core.DefaultCoreSession.add(DefaultCoreSession.java:183)
at org.apache.directory.server.core.DefaultCoreSession.add(DefaultCoreSession.java:169)
at org.apache.directory.server.ldap.handlers.AddHandler.handle(AddHandler.java:57)
at org.apache.directory.server.ldap.handlers.AddHandler.handle(AddHandler.java:39)
at org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:176)
at org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:56)
at org.apache.mina.handler.demux.DemuxingIoHandler.messageReceived(DemuxingIoHandler.java:232)
at org.apache.directory.server.ldap.LdapProtocolHandler.messageReceived(LdapProtocolHandler.java:194)
at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:722)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:48)
at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:802)
at org.apache.mina.core.filterchain.IoFilterEvent.fire(IoFilterEvent.java:59)
at org.apache.mina.core.session.IoEvent.run(IoEvent.java:64)
at org.apache.mina.filter.executor.OrderedThreadPoolExecutor$Worker.runTask(OrderedThreadPoolExecutor.java:552)
at org.apache.mina.filter.executor.OrderedThreadPoolExecutor$Worker.runTasks(OrderedThreadPoolExecutor.java:544)
at org.apache.mina.filter.executor.OrderedThreadPoolExecutor$Worker.run(OrderedThreadPoolExecutor.java:488)
at java.lang.Thread.run(Thread.java:619)
--
Paul Edwards
Solutions Engineer
Identity Solutions Practice
---------------------------------------------------------
hyro
W www.hyro.com
Re: Embedded apacheds Again!!!
Posted by Emmanuel Lecharny <el...@apache.org>.
Paul Edwards wrote:
> Thanks... I have raised this issue in Jira... https://issues.apache.org/jira/browse/DIRSERVER-1368
>
> I have also attached two files to it, (one of which is a unit test), which demonstrate this issue.
>
Ok, many thanks !
Hopefully, we will have some time soon to check the problem and give you
some feedback.
--
--
cordialement, regards,
Emmanuel Lécharny
www.iktek.com
directory.apache.org
RE: Embedded apacheds Again!!!
Posted by Paul Edwards <Pa...@hyro.com>.
Thanks... I have raised this issue in Jira... https://issues.apache.org/jira/browse/DIRSERVER-1368
I have also attached two files to it, (one of which is a unit test), which demonstrate this issue.
--
Paul Edwards
Solutions Engineer
Identity Solutions Practice
---------------------------------------------------------
hyro
W www.hyro.com
________________________________________
From: Emmanuel Lecharny [elecharny@gmail.com] On Behalf Of Emmanuel Lecharny [elecharny@apache.org]
Sent: Tuesday, 19 May 2009 5:32 p.m.
To: users@directory.apache.org
Subject: Re: Embedded apacheds Again!!!
Paul Edwards wrote:
> Guys,
>
> Another quick query....
>
Hi,
sounds like there is a problem... We have to check that extending an
existing class and using one of its attribute is permitted by the server.
Can you create a JIRA with the informations you gave in this mail,
adding the server version you are using ? What would be great is to
include the portion of code you are using so that we can reproduce the
problem and debug the server !
Thanks !
> I have need to modify the schema. I have everything running smoothly (see previous posts to this group...) I have a situation where I need to extend InetOrgPerson. I have this scenario running successfully under OpenLdap. So I modify ou=schema in apacheDS with:
>
> dn: m-oid=2.16.840.1.113730.3.2.22.249, ou=attributeTypes, cn=inetorgperson, ou=schema
> m-oid: 2.16.840.1.113730.3.2.22.249
> m-substr: caseIgnoreSubstringsMatch
> m-syntax: 1.3.6.1.4.1.1466.115.121.1.15
> m-equality: caseIgnoreMatch
> m-singleValue: TRUE
> m-name: accountStatus
> m-collective: FALSE
> m-obsolete: FALSE
> m-usage: USER_APPLICATIONS
> objectClass: metaAttributeType
> objectClass: metaTop
> objectClass: top
> m-noUserModification: FALSE
> m-description: Account Status
>
> dn: m-oid=2.16.840.1.113730.3.2.22, ou=objectClasses, cn=inetorgperson, ou=schema
> m-oid: 2.16.840.1.113730.3.2.22
> m-obsolete: FALSE
> m-may: accountStatus
> objectClass: metaObjectClass
> objectClass: metaTop
> objectClass: top
> m-typeObjectClass: STRUCTURAL
> m-name: extendPerson
> m-supObjectClass: inetOrgPerson
> m-description: Extended InetOrgPerson
>
> I can then connect to the apacheDS with third party ldap tools and see that these changes are present.
>
> I then try to add:
> dn: cn=pedwards,ou=People,dc=testdomain,dc=co,dc=nz
> objectclass: top
> objectclass: extendPerson
> uid: pedwards
> sn: Edwards
> cn: pedwards
> initials: PE
>
> And I get:
> LDAP: error code 65 - OBJECT_CLASS_VIOLATION: failed for Add Request
> Attribute initials not declared in objectClasses of entry cn=pedwards,ou=People,dc=testdomain,dc=co,dc=nz
>
> However if I use inetOrgPerson instead of extendPerson, the ldif goes in fine. It seems to me that its ignoring the fact that extendPerson extends inetOrgPerson.
>
>
> org.apache.directory.shared.ldap.exception.LdapSchemaViolationException: Attribute initials not declared in objectClasses of entry cn=pedwards,ou=People,dc=testdomain,dc=co,dc=nz
> at org.apache.directory.server.core.schema.SchemaInterceptor.assertAllAttributesAllowed(SchemaInterceptor.java:1829)
> at org.apache.directory.server.core.schema.SchemaInterceptor.check(SchemaInterceptor.java:1703)
> at org.apache.directory.server.core.schema.SchemaInterceptor.add(SchemaInterceptor.java:1787)
> at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
> at org.apache.directory.server.core.operational.OperationalAttributeInterceptor.add(OperationalAttributeInterceptor.java:202)
> at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
> at org.apache.directory.server.core.changelog.ChangeLogInterceptor.add(ChangeLogInterceptor.java:109)
> at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
> at org.apache.directory.server.core.exception.ExceptionInterceptor.add(ExceptionInterceptor.java:220)
> at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
> at org.apache.directory.server.core.interceptor.BaseInterceptor.add(BaseInterceptor.java:129)
> at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
> at org.apache.directory.server.core.authz.AciAuthorizationInterceptor.add(AciAuthorizationInterceptor.java:448)
> at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
> at org.apache.directory.server.core.referral.ReferralInterceptor.add(ReferralInterceptor.java:251)
> at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
> at org.apache.directory.server.core.authn.AuthenticationInterceptor.add(AuthenticationInterceptor.java:212)
> at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
> at org.apache.directory.server.core.normalization.NormalizationInterceptor.add(NormalizationInterceptor.java:117)
> at org.apache.directory.server.core.interceptor.InterceptorChain.add(InterceptorChain.java:756)
> at org.apache.directory.server.core.DefaultOperationManager.add(DefaultOperationManager.java:260)
> at org.apache.directory.server.core.DefaultCoreSession.add(DefaultCoreSession.java:183)
> at org.apache.directory.server.core.DefaultCoreSession.add(DefaultCoreSession.java:169)
> at org.apache.directory.server.ldap.handlers.AddHandler.handle(AddHandler.java:57)
> at org.apache.directory.server.ldap.handlers.AddHandler.handle(AddHandler.java:39)
> at org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:176)
> at org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:56)
> at org.apache.mina.handler.demux.DemuxingIoHandler.messageReceived(DemuxingIoHandler.java:232)
> at org.apache.directory.server.ldap.LdapProtocolHandler.messageReceived(LdapProtocolHandler.java:194)
> at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:722)
> at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434)
> at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:48)
> at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:802)
> at org.apache.mina.core.filterchain.IoFilterEvent.fire(IoFilterEvent.java:59)
> at org.apache.mina.core.session.IoEvent.run(IoEvent.java:64)
> at org.apache.mina.filter.executor.OrderedThreadPoolExecutor$Worker.runTask(OrderedThreadPoolExecutor.java:552)
> at org.apache.mina.filter.executor.OrderedThreadPoolExecutor$Worker.runTasks(OrderedThreadPoolExecutor.java:544)
> at org.apache.mina.filter.executor.OrderedThreadPoolExecutor$Worker.run(OrderedThreadPoolExecutor.java:488)
> at java.lang.Thread.run(Thread.java:619)
> --
> Paul Edwards
> Solutions Engineer
> Identity Solutions Practice
> ---------------------------------------------------------
> hyro
>
> W www.hyro.com
>
>
--
--
cordialement, regards,
Emmanuel Lécharny
www.iktek.com
directory.apache.org
Re: Embedded apacheds Again!!!
Posted by Emmanuel Lecharny <el...@apache.org>.
Paul Edwards wrote:
> Guys,
>
> Another quick query....
>
Hi,
sounds like there is a problem... We have to check that extending an
existing class and using one of its attribute is permitted by the server.
Can you create a JIRA with the informations you gave in this mail,
adding the server version you are using ? What would be great is to
include the portion of code you are using so that we can reproduce the
problem and debug the server !
Thanks !
> I have need to modify the schema. I have everything running smoothly (see previous posts to this group...) I have a situation where I need to extend InetOrgPerson. I have this scenario running successfully under OpenLdap. So I modify ou=schema in apacheDS with:
>
> dn: m-oid=2.16.840.1.113730.3.2.22.249, ou=attributeTypes, cn=inetorgperson, ou=schema
> m-oid: 2.16.840.1.113730.3.2.22.249
> m-substr: caseIgnoreSubstringsMatch
> m-syntax: 1.3.6.1.4.1.1466.115.121.1.15
> m-equality: caseIgnoreMatch
> m-singleValue: TRUE
> m-name: accountStatus
> m-collective: FALSE
> m-obsolete: FALSE
> m-usage: USER_APPLICATIONS
> objectClass: metaAttributeType
> objectClass: metaTop
> objectClass: top
> m-noUserModification: FALSE
> m-description: Account Status
>
> dn: m-oid=2.16.840.1.113730.3.2.22, ou=objectClasses, cn=inetorgperson, ou=schema
> m-oid: 2.16.840.1.113730.3.2.22
> m-obsolete: FALSE
> m-may: accountStatus
> objectClass: metaObjectClass
> objectClass: metaTop
> objectClass: top
> m-typeObjectClass: STRUCTURAL
> m-name: extendPerson
> m-supObjectClass: inetOrgPerson
> m-description: Extended InetOrgPerson
>
> I can then connect to the apacheDS with third party ldap tools and see that these changes are present.
>
> I then try to add:
> dn: cn=pedwards,ou=People,dc=testdomain,dc=co,dc=nz
> objectclass: top
> objectclass: extendPerson
> uid: pedwards
> sn: Edwards
> cn: pedwards
> initials: PE
>
> And I get:
> LDAP: error code 65 - OBJECT_CLASS_VIOLATION: failed for Add Request
> Attribute initials not declared in objectClasses of entry cn=pedwards,ou=People,dc=testdomain,dc=co,dc=nz
>
> However if I use inetOrgPerson instead of extendPerson, the ldif goes in fine. It seems to me that its ignoring the fact that extendPerson extends inetOrgPerson.
>
>
> org.apache.directory.shared.ldap.exception.LdapSchemaViolationException: Attribute initials not declared in objectClasses of entry cn=pedwards,ou=People,dc=testdomain,dc=co,dc=nz
> at org.apache.directory.server.core.schema.SchemaInterceptor.assertAllAttributesAllowed(SchemaInterceptor.java:1829)
> at org.apache.directory.server.core.schema.SchemaInterceptor.check(SchemaInterceptor.java:1703)
> at org.apache.directory.server.core.schema.SchemaInterceptor.add(SchemaInterceptor.java:1787)
> at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
> at org.apache.directory.server.core.operational.OperationalAttributeInterceptor.add(OperationalAttributeInterceptor.java:202)
> at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
> at org.apache.directory.server.core.changelog.ChangeLogInterceptor.add(ChangeLogInterceptor.java:109)
> at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
> at org.apache.directory.server.core.exception.ExceptionInterceptor.add(ExceptionInterceptor.java:220)
> at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
> at org.apache.directory.server.core.interceptor.BaseInterceptor.add(BaseInterceptor.java:129)
> at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
> at org.apache.directory.server.core.authz.AciAuthorizationInterceptor.add(AciAuthorizationInterceptor.java:448)
> at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
> at org.apache.directory.server.core.referral.ReferralInterceptor.add(ReferralInterceptor.java:251)
> at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
> at org.apache.directory.server.core.authn.AuthenticationInterceptor.add(AuthenticationInterceptor.java:212)
> at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1196)
> at org.apache.directory.server.core.normalization.NormalizationInterceptor.add(NormalizationInterceptor.java:117)
> at org.apache.directory.server.core.interceptor.InterceptorChain.add(InterceptorChain.java:756)
> at org.apache.directory.server.core.DefaultOperationManager.add(DefaultOperationManager.java:260)
> at org.apache.directory.server.core.DefaultCoreSession.add(DefaultCoreSession.java:183)
> at org.apache.directory.server.core.DefaultCoreSession.add(DefaultCoreSession.java:169)
> at org.apache.directory.server.ldap.handlers.AddHandler.handle(AddHandler.java:57)
> at org.apache.directory.server.ldap.handlers.AddHandler.handle(AddHandler.java:39)
> at org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:176)
> at org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:56)
> at org.apache.mina.handler.demux.DemuxingIoHandler.messageReceived(DemuxingIoHandler.java:232)
> at org.apache.directory.server.ldap.LdapProtocolHandler.messageReceived(LdapProtocolHandler.java:194)
> at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:722)
> at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434)
> at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:48)
> at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:802)
> at org.apache.mina.core.filterchain.IoFilterEvent.fire(IoFilterEvent.java:59)
> at org.apache.mina.core.session.IoEvent.run(IoEvent.java:64)
> at org.apache.mina.filter.executor.OrderedThreadPoolExecutor$Worker.runTask(OrderedThreadPoolExecutor.java:552)
> at org.apache.mina.filter.executor.OrderedThreadPoolExecutor$Worker.runTasks(OrderedThreadPoolExecutor.java:544)
> at org.apache.mina.filter.executor.OrderedThreadPoolExecutor$Worker.run(OrderedThreadPoolExecutor.java:488)
> at java.lang.Thread.run(Thread.java:619)
> --
> Paul Edwards
> Solutions Engineer
> Identity Solutions Practice
> ---------------------------------------------------------
> hyro
>
> W www.hyro.com
>
>
--
--
cordialement, regards,
Emmanuel Lécharny
www.iktek.com
directory.apache.org