Return-Path: Delivered-To: apmail-directory-dev-archive@www.apache.org Received: (qmail 21682 invoked from network); 31 Jul 2008 14:24:53 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 31 Jul 2008 14:24:53 -0000 Received: (qmail 71407 invoked by uid 500); 31 Jul 2008 14:24:52 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 71202 invoked by uid 500); 31 Jul 2008 14:24:52 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 71191 invoked by uid 99); 31 Jul 2008 14:24:52 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 31 Jul 2008 07:24:52 -0700 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.140] (HELO brutus.apache.org) (140.211.11.140) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 31 Jul 2008 14:24:05 +0000 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 1D86F234C181 for ; Thu, 31 Jul 2008 07:24:32 -0700 (PDT) Message-ID: <814297875.1217514272119.JavaMail.jira@brutus> Date: Thu, 31 Jul 2008 07:24:32 -0700 (PDT) From: "Emmanuel Lecharny (JIRA)" To: dev@directory.apache.org Subject: [jira] Commented: (DIRSTUDIO-365) Can't delete entry with studio 1.1.0. works with 1.0.1 In-Reply-To: <294877771.1217497351741.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/DIRSTUDIO-365?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12618696#action_12618696 ] Emmanuel Lecharny commented on DIRSTUDIO-365: --------------------------------------------- Ok, I think I know what's going on. The 1.2.0 request contains a Tree Delete control, which only administrators can use, so you get the permission error. This has been added in 1.2.0. If the rootDSE contains this control, then the delete request is send with it added. Obviously, when you are not an admin on IDS, you will get a failure ... (http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rzahy/rzahycontrols.htm) There is no workaround, except than using an older version ... A fix would be to modify the Delete selection on the browser to ask if the user want to apply the TreeDelete control or not, plus a preference to set it by default, or not. Here are the two decoded PDU : 1.2.0 : ------- 30 67 02 01 10 : MessageId = 16 4A 2B : Delete request cn=testDelete,ou=appli,ou=frisco,O=INTERNET A0 35 : Controls 30 18 04 16 1.2.840.113556.1.4.805 : Tree Delete Control 30 19 04 17 2.16.840.1.113730.3.4.2 : Manage DSA IT LDAPv3 control 1.0.1 : ------- 30 30 02 01 0A : MessageId = 10 4A 2B : Delete request cn=testDelete,ou=appli,ou=frisco,O=INTERNET > Can't delete entry with studio 1.1.0. works with 1.0.1 > ------------------------------------------------------ > > Key: DIRSTUDIO-365 > URL: https://issues.apache.org/jira/browse/DIRSTUDIO-365 > Project: Directory Studio > Issue Type: Bug > Components: studio-ldapbrowser > Affects Versions: 1.1.0 > Environment: Studion 1.1.0 standalone or within an existing eclipse installation. IBM directory server > Reporter: Dominique Jean-Prost > Attachments: 1.0.1, 1.2.0, delete.ldif > > > Using studio 1.0.1, I can delete an entry using the principal I usually use. > With the same connection and studion 1.1.0, it fails telling me Error 50. > !ENTRY org.apache.directory.studio.connection.core 4 4 2008-07-31 11:15:07.806 > !MESSAGE Error while deleting entry > !STACK 0 > javax.naming.NoPermissionException: [LDAP: error code 50 - Insufficient Access Rights]; remaining name 'cn=JLS,ou=appli,ou=frisco,o=INTERNET' > at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2993) > at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931) > at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2737) > at com.sun.jndi.ldap.LdapCtx.c_destroySubcontext(LdapCtx.java:826) > at com.sun.jndi.toolkit.ctx.ComponentContext.p_destroySubcontext(ComponentContext.java:653) > at com.sun.jndi.toolkit.ctx.PartialCompositeContext.destroySubcontext(PartialCompositeContext.java:336) > at org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper$5.run(JNDIConnectionWrapper.java:717) > at org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.runAndMonitor(JNDIConnectionWrapper.java:1047) > at org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.checkConnectionAndRunAndMonitor(JNDIConnectionWrapper.java:978) > at org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.deleteEntry(JNDIConnectionWrapper.java:757) > at org.apache.directory.studio.ldapbrowser.core.jobs.DeleteEntriesJob.deleteEntry(DeleteEntriesJob.java:361) > at org.apache.directory.studio.ldapbrowser.core.jobs.DeleteEntriesJob.optimisticDeleteEntryRecursive(DeleteEntriesJob.java:221) > at org.apache.directory.studio.ldapbrowser.core.jobs.DeleteEntriesJob.executeNotificationJob(DeleteEntriesJob.java:143) > at org.apache.directory.studio.ldapbrowser.core.jobs.AbstractNotificationJob.executeAsyncJob(AbstractNotificationJob.java:43) > at org.apache.directory.studio.ldapbrowser.core.jobs.AbstractEclipseJob.run(AbstractEclipseJob.java:101) > at org.eclipse.core.internal.jobs.Worker.run(Worker.java:55) > !SUBENTRY 1 org.apache.directory.studio.connection.core 4 4 2008-07-31 11:15:07.806 > !MESSAGE [LDAP: error code 50 - Insufficient Access Rights] -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.