directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DIRSERVER-1308) Can't delete objectClass with mandatory attribute
Date Sun, 08 Feb 2009 10:51:01 GMT

    [ https://issues.apache.org/jira/browse/DIRSERVER-1308?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12671570#action_12671570
] 

Emmanuel Lecharny commented on DIRSERVER-1308:
----------------------------------------------

The way the modify operation is implemented make it impossible to apply this modification
in one single operation. Even if you swap both changes, as we check against the schema each
single change, you will get an error.

I think we should do this check after having applied all the modifications and only then.


In any case, the modification operation has to be reviewed entirely, the schema code for it
is overly complex...

> Can't delete objectClass with mandatory attribute
> -------------------------------------------------
>
>                 Key: DIRSERVER-1308
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1308
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: schema
>    Affects Versions: 1.5.4
>            Reporter: Stefan Seelmann
>
> It's not possible to delete an objectClass with an mandatory attribute from an entry.
In my example I tried to delete object Class krb5Principal and attribue krb5PrincipalName
in one request:
> --------------------------------------------------
> dn: cn=test,ou=users,ou=system
> changetype: modify
> delete: krb5PrincipalName
> -
> delete: objectClass
> objectClass: krb5Principal
> -
> --------------------------------------------------
> Here is ther server's log:
> -------------------------------------------------------------
> [11:16:22] ERROR [org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler]
- OBJECT_CLASS_VIOLATION: failed for     Modify Request
>         Object : '2.5.4.3=test2,2.5.4.11=users,2.5.4.11=system'
>             Modification[0]
>                 Operation :  delete
>                 Modification
>     krb5principalname: (null)
>             Modification[1]
>                 Operation :  delete
>                 Modification
>     objectclass: krb5Principal
> : Attribute krb5PrincipalName not declared in objectClasses of entry cn=test2,ou=users,ou=system
> org.apache.directory.shared.ldap.exception.LdapSchemaViolationException: Attribute krb5PrincipalName
not declared in objectClasses of entry cn=test2,ou=users,ou=system
> 	at org.apache.directory.server.core.schema.SchemaInterceptor.assertAllAttributesAllowed(SchemaInterceptor.java:1861)
> 	at org.apache.directory.server.core.schema.SchemaInterceptor.check(SchemaInterceptor.java:1692)
> 	at org.apache.directory.server.core.schema.SchemaInterceptor.modify(SchemaInterceptor.java:1424)
> 	at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.modify(InterceptorChain.java:1209)
> 	at org.apache.directory.server.core.operational.OperationalAttributeInterceptor.modify(OperationalAttributeInterceptor.java:198)
> 	at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.modify(InterceptorChain.java:1209)
> 	at org.apache.directory.server.core.exception.ExceptionInterceptor.modify(ExceptionInterceptor.java:367)
> 	at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.modify(InterceptorChain.java:1209)
> 	at org.apache.directory.server.core.authz.DefaultAuthorizationInterceptor.modify(DefaultAuthorizationInterceptor.java:272)
> 	at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.modify(InterceptorChain.java:1209)
> 	at org.apache.directory.server.core.authz.AciAuthorizationInterceptor.modify(AciAuthorizationInterceptor.java:565)
> 	at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.modify(InterceptorChain.java:1209)
> 	at org.apache.directory.server.core.authn.AuthenticationInterceptor.modify(AuthenticationInterceptor.java:337)
> 	at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.modify(InterceptorChain.java:1209)
> 	at org.apache.directory.server.core.normalization.NormalizationInterceptor.modify(NormalizationInterceptor.java:127)
> 	at org.apache.directory.server.core.interceptor.InterceptorChain.modify(InterceptorChain.java:814)
> 	at org.apache.directory.server.core.DefaultOperationManager.modify(DefaultOperationManager.java:289)
> 	at org.apache.directory.server.core.DefaultCoreSession.modify(DefaultCoreSession.java:419)
> 	at org.apache.directory.server.ldap.handlers.ModifyHandler.handleIgnoringReferrals(ModifyHandler.java:58)
> 	at org.apache.directory.server.ldap.handlers.ModifyHandler.handleIgnoringReferrals(ModifyHandler.java:40)
> 	at org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler.handleWithReferrals(ReferralAwareRequestHandler.java:442)
> 	at org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler.handle(ReferralAwareRequestHandler.java:150)
> 	at org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler.handle(ReferralAwareRequestHandler.java:66)
> 	at org.apache.directory.server.ldap.handlers.LdapRequestHandler.messageReceived(LdapRequestHandler.java:171)
> 	at org.apache.directory.server.ldap.handlers.LdapRequestHandler.messageReceived(LdapRequestHandler.java:46)
> 	at org.apache.mina.handler.demux.DemuxingIoHandler.messageReceived(DemuxingIoHandler.java:141)
> 	at org.apache.directory.server.ldap.LdapProtocolHandler.messageReceived(LdapProtocolHandler.java:181)
> 	at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived(AbstractIoFilterChain.java:570)
> 	at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
> 	at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
> 	at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
> 	at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimpleProtocolDecoderOutput.java:58)
> 	at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:180)
> 	at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
> 	at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
> 	at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
> 	at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java:220)
> 	at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(ExecutorFilter.java:264)
> 	at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:650)
> 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:675)
> 	at java.lang.Thread.run(Thread.java:595)
> --------------------------------------------------
> BTW: It's no problem to add a new objectClass with a mandatory attribute to an entry:
> --------------------------------------------------
> dn: cn=test,ou=users,ou=system
> changetype: modify
> add: objectClass
> objectClass: krb5Principal
> -
> add: krb5PrincipalName
> krb5PrincipalName: test
> -
> --------------------------------------------------

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message