directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Seelmann <seelm...@apache.org>
Subject Re: Handling of dSAOperation attributes
Date Thu, 23 Dec 2010 14:10:34 GMT
Hi Emmanuel,

On Thu, Dec 23, 2010 at 3:06 PM, Emmanuel Lecharny <elecharny@gmail.com> wrote:
> Hi,
>
> I have an issue. When trying to update the seqNumber attribute in an
> AdminsitrativePoint, I get an error :
> org.apache.directory.shared.ldap.exception.LdapNoPermissionException: ERR_52
> Cannot modify the attribute : ATTRIBUTE_TYPE ( 1.3.6.1.4.1.18060.0.4.1.2.51
>  NAME 'APSeqNumber'
>  DESC A sequential number used for Administration Point entries
>  EQUALITY integerMatch
>  SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
>  SINGLE-VALUE
>  NO-USER-MODIFICATION
>  USAGE dSAOperation
>  )
>
> There is a check that forbid us to modify such an attribute (it can be
> added, deleted, but not replaced)
>
> I'm using the admin users.
>
> Should we allow such a modification when the user is the admin ?

Is the check located in the SchemaInterceptor? If so, I think there
are some Interceptor by-passes to avoid such checks.

Kind Regards,
Stefan

Mime
View raw message