directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stefan Zoerner (JIRA)" <j...@apache.org>
Subject [jira] Updated: (DIRSERVER-606) ou=users, ou=system - user cannot see their own entry
Date Mon, 24 Apr 2006 10:09:07 GMT
     [ http://issues.apache.org/jira/browse/DIRSERVER-606?page=all ]

Stefan Zoerner updated DIRSERVER-606:
-------------------------------------

    Attachment: patch_DIRSERVER-606_2.txt

Emmanuel, I recommend to fix it like this (attached file patch_DIRSERVER-606_2.txt) instead.
Your proposal has two disadvantages (as far as I understand the situation):

1) Call to DnParser.parse is not synchronized (I assume it should, because other calls in
the class are)

2) At least one case is not fixed:

$ ldapsearch -h localhost -p 10389 -D "uid=admin,ou=system" -w ***** -b "uid= admin,ou=system"
"(objectClass=*)" dn

display the admin entry, but 

$ ldapsearch -h localhost -p 10389 -D "uid=Admin,ou=system" -w ***** -b "uid= admin,ou=system"
"(objectClass=*)" dn

does not (it displays nothing), because principalDn is not normalized in isSearchable for
all cases. We should consider to normalize all principalDn occurrences in this class. There
might be other problems due to the many LdapName.equals() calls.

> ou=users, ou=system - user cannot see their own entry
> -----------------------------------------------------
>
>          Key: DIRSERVER-606
>          URL: http://issues.apache.org/jira/browse/DIRSERVER-606
>      Project: Directory ApacheDS
>         Type: Bug

>     Versions: 1.0-RC1
>  Environment: JDK 1.4.1
> Tried both JXplorer, and from ACEGI security
>     Reporter: Marc Batchelor
>     Assignee: Stefan Zoerner
>     Priority: Critical
>  Attachments: patch.txt, patch_DIRSERVER-606_2.txt
>
> User binds to ApacheDS as a user under ou=users, ou=system. The user cannot see their
own entry to get their own attributes.
> Documentation states: Users cannot see other user entries under the 'ou=users,ou=system'
entry.
> Agreed and understood. But, the user, after binding with the directory, cannot even find
their own entry to get their own attributes. 

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message