directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Adamson <mikeat...@gmail.com>
Subject Re: ACIs not being reloaded after server restart on trunk
Date Tue, 14 Jun 2011 14:23:11 GMT
Hi,

I've done some digging around and found the problem.

I should have been using directoryService.setPartitions to add my custom
partition to the directory service before calling startup rather than
calling addPartition after startup. The problem being that the
AciAuthorizationInteceptor was initializing it's group cache in the startup
and my users and groups are in the custom partition.

Apologies for wasting time.

Mike Adamson

On 13 June 2011 15:03, Mike Adamson <mikeatdot@gmail.com> wrote:

> Hi,
>
> The code I provided is in a StartStopListener in order to start the
> DirectoryService when a web app starts up. After this I import a couple of
> ldif files into the service if the data doesn't already exist.
>
> I updated from trunk last Friday so I should have that fix. I seem to have
> an issue with restarting my server. I'll try debugging into the search and
> see if it I can see anything.
>
> Thanks,
>
> Mike Adamson
>
>
> On 13 June 2011 13:54, Emmanuel Lecharny <elecharny@apache.org> wrote:
>
>>
>>
>> On Mon, Jun 13, 2011 at 2:35 PM, Mike Adamson <mikeatdot@gmail.com>wrote:
>>
>>> Hi,
>>>
>>
>> Hi,
>>
>>>
>>> I am using an embedded DirectoryService instance from trunk. If I start
>>> the service and inject my test data with ACIs they work correctly. E.g.
>>> users can access the data allowed by the ACIs. If I stop the server and
>>> start it again they can't. If I connect to the server as the admin user I
>>> can see that my data is still there and the subEntries are visible they just
>>> don't seem to be being interpreted.
>>>
>>> I remember seeing a message on these forums that this was a bug in 1.5.7
>>> but had been fixed on trunk. I am using the following code to start the
>>> service:
>>>
>>
>> Yes, it was fixed in trunk, and the last fix was applied less than a month
>> ago.
>>
>>
>>>
>>>         InstanceLayout instanceLayout = new InstanceLayout(workingDir);
>>>         instanceLayout.mkdirs();
>>>         initSchemaPartition(instanceLayout.getPartitionsDirectory());
>>>
>>>         directoryService = new DefaultDirectoryService();
>>>         directoryService.setSchemaManager(schemaManager);
>>>         directoryService.setInstanceId(instanceId);
>>>         directoryService.setInstanceLayout(instanceLayout);
>>>
>>>         directoryService.setAccessControlEnabled(true);
>>>         directoryService.setAllowAnonymousAccess(false);
>>>
>>>         Partition systemPartition = createPartition("system",
>>> ServerDNConstants.SYSTEM_DN);
>>>         directoryService.setSystemPartition(systemPartition);
>>>
>>>         directoryService.setDenormalizeOpAttrsEnabled(true);
>>>
>>>         Partition ratPartition = createPartition(partitionId,
>>> partitionDn);
>>>         addIndex(ratPartition, "objectClass", "ou", "uid");
>>>
>>>         SchemaPartition schemaPartition =
>>> directoryService.getSchemaService().getSchemaPartition();
>>>         schemaPartition.setWrappedPartition( schemaLdifPartition );
>>>         schemaPartition.setSchemaManager( schemaManager );
>>>
>>>         directoryService.startup();
>>>
>>>         directoryService.addPartition(ratPartition);
>>>
>>> Is there something more I need to do to reload the ACI cache?
>>>
>>
>> Hmmm, the code you expose won't do anything else than starting the server,
>> no ?
>>
>>
>> --
>> Regards,
>> Cordialement,
>> Emmanuel L├ęcharny
>> www.iktek.com
>>
>
>

Mime
View raw message