directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (DIRSERVER-1964) Duplicate DN returned
Date Tue, 21 Apr 2015 08:52:59 GMT

     [ https://issues.apache.org/jira/browse/DIRSERVER-1964?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Emmanuel Lecharny resolved DIRSERVER-1964.
------------------------------------------
    Resolution: Cannot Reproduce

Unless it can be reproducted in 2.0.0-M19, I think this issue does not exist anymore.

> Duplicate DN returned
> ---------------------
>
>                 Key: DIRSERVER-1964
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1964
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 1.5.7
>            Reporter: Pierre-Luc Lacroix
>
> A single user started complaining that he was unable to login. When looking at the logs,
we noticed the following entry:
> "result: 4 Size limit exceeded"
> Curious, I sent the same ldapsearch request to see why more than one user would be returned:
> # ldapsearch -x -h 192.168.1.150 -p 1850 -D "dc=authserver" -b "dc=authserver" "(&(cn=user50)(ou=UAT))"
-w password -M -z 1 -l 5
> # extended LDIF
> #
> # LDAPv3
> # base <dc=authserver> with scope subtree # filter: (&(cn=user50)(ou=UAT))
# requesting: ALL # with manageDSAit control #
> # user50, UAT, authserver
> dn: cn=user50,ou=UAT,dc=authserver
> sn: user50
> name: user50
> userPassword:: MWYzNGJkMTctMjFhOS00ZDM2LWI4MzgtZDEwNDZmNmZiZGQ3
> objectClass: person
> objectClass: extensibleObject
> objectClass: top
> ou: UAT
> cn: user50
> # search result
> search: 2
> result: 4 Size limit exceeded
> # numResponses: 2
> # numEntries: 1
> Running the same, but with a higher value of -z (-z 1000):
> # ldapsearch -x -h 192.168.1.150 -p 1850 -D "dc=authserver" -b "dc=authserver" "(&(cn=user50)(ou=UAT))"
-w password -M -z 1000 -l 5
> # extended LDIF
> #
> # LDAPv3
> # base <dc=authserver> with scope subtree # filter: (&(cn=user50)(ou=UAT))
# requesting: ALL # with manageDSAit control #
> # user50, UAT, authserver
> dn: cn=user50,ou=UAT,dc=authserver
> sn: user50
> name: user50
> userPassword:: MWYzNGJkMTctMjFhOS00ZDM2LWI4MzgtZDEwNDZmNmZiZGQ3
> objectClass: person
> objectClass: extensibleObject
> objectClass: top
> ou: UAT
> cn: user50
> # user50, UAT, authserver
> dn: cn=user50,ou=UAT,dc=authserver
> sn: user50
> name: user50
> userPassword:: YTg1NTM2MDMtZWQ1NS00OGQ4LWFlNjMtOTRkN2YwMzg1OGFj
> objectClass: person
> objectClass: extensibleObject
> objectClass: top
> ou: UAT
> cn: user50
> # search result
> search: 2
> result: 0 Success
> # numResponses: 3
> # numEntries: 2
> You can see that both entries have the exact same "dn":
> dn: cn=user50,ou=UAT,dc=authserver
> dn: cn=user50,ou=UAT,dc=authserver
> When looking at the code, I tried to reproduce the same issue in a different environment,
but the CoreSession object will actually not allow you to add duplicate entries, throwing
the following exception:
> org.apache.directory.shared.ldap.exception.LdapEntryAlreadyExistsException: ERR_250 cn=user50,ou=UAT,dc=authserver
already exists!
> Is it possible that a bug in ApacheDS has corrupted the internal database?
> Thank you.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message