directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alex Karasulu (JIRA)" <directory-...@incubator.apache.org>
Subject [jira] Closed: (DIR-126) ACI problem when using com.sun.jndi.ldap.LdapCtxFactory as the INITIAL_CONTEXT_FACTORY
Date Thu, 17 Aug 2006 20:56:16 GMT
     [ http://issues.apache.org/jira/browse/DIR-126?page=all ]

Alex Karasulu closed DIR-126.
-----------------------------

    Resolution: Won't Fix

I'm retiring this issue.  Too old and we need feedback from the reporters.

> ACI problem when using com.sun.jndi.ldap.LdapCtxFactory as the INITIAL_CONTEXT_FACTORY
> --------------------------------------------------------------------------------------
>
>                 Key: DIR-126
>                 URL: http://issues.apache.org/jira/browse/DIR-126
>             Project: Directory
>          Issue Type: Bug
>         Environment: Win XP SP2
> JRE1.5_04
>            Reporter: Tony Blanchard
>         Assigned To: Alex Karasulu
>
> As mentioned by Gianmaria Clerici, 
> the use of com.sun.jndi.ldap.LdapCtxFactory instead of org.apache.ldap.server.jndi.CoreContextFactory
as the INITIAL_CONTEXT_FACTORY makes ACIs not working.
> Here is an explanationof the problem I sent on the list :
> I have some troubles to add some ACIs on ou=system to enable users to do
> what they want with their own entry.
> I added an "accessControlSpecificArea" value to the "administrativeRole"
> attribute on ou=system.
> I used the following subtree specification : "{}" and the following
> value for my  prescriptiveACI on the accesControlSubentry I created
> under ou=system  :
> " { identificationTag "enableUserSelfModification", precedence 1,
> authenticationLevel simple, itemOrUserFirst userFirst:{ userClasses {
> thisEntry }, userPermissions { { protectedItems { entry,
> allUserAttributeTypesAndValues }, grantsAndDenials { grantAdd,
> grantRemove, grantModify, grantFilterMatch, grantCompare, grantRead,
> grantReturnDN, grantBrowse } } } } }"
> When i create a new user with admin rights and try to log under this
> user, i get a 50 error code : noPermission. This is not an 49 error code
> : AuthenticationException 

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message