You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Michael Scott Shappe (JIRA)" <ji...@apache.org> on 2010/06/30 19:35:50 UTC
[jira] Created: (DIRSERVER-1524) ACI rules stop working for no
reason, must be tweaked to "reawaken"
ACI rules stop working for no reason, must be tweaked to "reawaken"
-------------------------------------------------------------------
Key: DIRSERVER-1524
URL: https://issues.apache.org/jira/browse/DIRSERVER-1524
Project: Directory ApacheDS
Issue Type: Bug
Affects Versions: 1.5.7
Environment: Ubuntu Lucid, pretty much stock
Reporter: Michael Scott Shappe
Priority: Critical
I have two ACIs set up: one which allows users access to change their passwords; one which allows anonymous search so the system can be used as an authenticator without needing a hard-wired account to bind to.
Every now and then, the anonymous search capability (both as an authenticator and when tried with ldapsearch -x) simply stops working. Killing and restarting the server does not restore it. Editing the ACI in any way, however -- changing its precedence for example -- immediately fixes it.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DIRSERVER-1524) ACI rules stop working for no
reason, must be tweaked to "reawaken"
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1524?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny updated DIRSERVER-1524:
-----------------------------------------
Fix Version/s: 2.0.0-RC1
Will be fixed in 2.0-RC1. It's just a matter of updating the cache when restarting the server.
> ACI rules stop working for no reason, must be tweaked to "reawaken"
> -------------------------------------------------------------------
>
> Key: DIRSERVER-1524
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1524
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.7
> Environment: Ubuntu Lucid, pretty much stock
> Reporter: Michael Scott Shappe
> Priority: Critical
> Fix For: 2.0.0-RC1
>
>
> I have two ACIs set up: one which allows users access to change their passwords; one which allows anonymous search so the system can be used as an authenticator without needing a hard-wired account to bind to.
> Every now and then, the anonymous search capability (both as an authenticator and when tried with ldapsearch -x) simply stops working. Killing and restarting the server does not restore it. Editing the ACI in any way, however -- changing its precedence for example -- immediately fixes it.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1524) ACI rules stop working for no
reason, must be tweaked to "reawaken"
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1524?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12885344#action_12885344 ]
Emmanuel Lecharny commented on DIRSERVER-1524:
----------------------------------------------
No need to provide any ACI.
This is clearly a bug : the ACI cache which is updated when new ACI are added is cleared when the server is shutdown, and is not currently restored when it starts again.
We are working on it, and will probably have a fix for that in the next days.
/me is a but stunned that this problem never popped before :/
> ACI rules stop working for no reason, must be tweaked to "reawaken"
> -------------------------------------------------------------------
>
> Key: DIRSERVER-1524
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1524
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.7
> Environment: Ubuntu Lucid, pretty much stock
> Reporter: Michael Scott Shappe
> Priority: Critical
>
> I have two ACIs set up: one which allows users access to change their passwords; one which allows anonymous search so the system can be used as an authenticator without needing a hard-wired account to bind to.
> Every now and then, the anonymous search capability (both as an authenticator and when tried with ldapsearch -x) simply stops working. Killing and restarting the server does not restore it. Editing the ACI in any way, however -- changing its precedence for example -- immediately fixes it.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1524) ACI rules stop working for no
reason, must be tweaked to "reawaken"
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1524?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12884208#action_12884208 ]
Emmanuel Lecharny commented on DIRSERVER-1524:
----------------------------------------------
Ouch !
Seems a serious bug.
Can you provide both ACI so that I cn have a look at what's going on ? I'm currently reviewing the whole ACI subsystem atm...
> ACI rules stop working for no reason, must be tweaked to "reawaken"
> -------------------------------------------------------------------
>
> Key: DIRSERVER-1524
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1524
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.7
> Environment: Ubuntu Lucid, pretty much stock
> Reporter: Michael Scott Shappe
> Priority: Critical
>
> I have two ACIs set up: one which allows users access to change their passwords; one which allows anonymous search so the system can be used as an authenticator without needing a hard-wired account to bind to.
> Every now and then, the anonymous search capability (both as an authenticator and when tried with ldapsearch -x) simply stops working. Killing and restarting the server does not restore it. Editing the ACI in any way, however -- changing its precedence for example -- immediately fixes it.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.