directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shawn McKinney (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (FC-33) AuditMgr.getUserAuthZ cannot pull back faileOnly
Date Thu, 23 Apr 2015 02:40:38 GMT

    [ https://issues.apache.org/jira/browse/FC-33?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14508335#comment-14508335
] 

Shawn McKinney edited comment on FC-33 at 4/23/15 2:40 AM:
-----------------------------------------------------------

Trace request/response for each test case:

1. Successful compare operation:

openldap running local env with suffix dc=example,dc=com

2015-04-22 21:23:022 DEBUG CODEC_LOG:87 - Encoded message 
 MessageType : COMPARE_REQUEST
Message ID : 30
    Compare request
        Entry : 'ftOpNm=top3_1,ftObjNm=tob3_1,ou=Permissions,ou=RBAC,dc=example,dc=com'
        Attribute description : 'ftopnm'
        Attribute value : 'TOP3_1%failed%org.apache.directory.api.ldap.model.message.CompareRequestImpl@25012e14
   Proxied Authz Control
        oid : 2.16.840.1.113730.3.4.18
        critical : true
        authzid   : 'dn: uid=jtsUser1,ou=People,dc=example,dc=com'
Message ID : 30
    Compare Response
        Ldap Result
            Result code : (COMPARE_FALSE) compareFalse
            Matched Dn : ''
            Diagnostic message : ''



2. Unsuccessful compare operation
openldap running docker container with suffix dc=openldap,dc=org
2015-04-22 21:31:024 DEBUG CODEC_LOG:87 - Encoded message 
 MessageType : COMPARE_REQUEST
Message ID : 30
    Compare request
        Entry : 'ftOpNm=top3_1,ftObjNm=tob3_1,ou=Permissions,ou=RBAC,dc=openldap,dc=org'
        Attribute description : 'ftopnm'
        Attribute value : 'TOP3_1%failed%org.apache.directory.api.ldap.model.message.CompareRequestImpl@8d0d7923
   Proxied Authz Control
        oid : 2.16.840.1.113730.3.4.18
        critical : true
        authzid   : 'dn: uid=jtsUser1,ou=People,dc=openldap,dc=org'

Message ID : 30
    Compare Response
        Ldap Result
            Result code : (NO_SUCH_OBJECT) noSuchObject
            Matched Dn : ''
            Diagnostic message : ''



was (Author: smckinney):
Trace request/response for each test case:

Successful compare operation:

openldap running local env with suffix dc=example,dc=com

2015-04-22 21:23:022 DEBUG CODEC_LOG:87 - Encoded message 
 MessageType : COMPARE_REQUEST
Message ID : 30
    Compare request
        Entry : 'ftOpNm=top3_1,ftObjNm=tob3_1,ou=Permissions,ou=RBAC,dc=example,dc=com'
        Attribute description : 'ftopnm'
        Attribute value : 'TOP3_1%failed%org.apache.directory.api.ldap.model.message.CompareRequestImpl@25012e14
   Proxied Authz Control
        oid : 2.16.840.1.113730.3.4.18
        critical : true
        authzid   : 'dn: uid=jtsUser1,ou=People,dc=example,dc=com'
Message ID : 30
    Compare Response
        Ldap Result
            Result code : (COMPARE_FALSE) compareFalse
            Matched Dn : ''
            Diagnostic message : ''



Unsuccessful compare operation
openldap running docker container with suffix dc=openldap,dc=org
2015-04-22 21:31:024 DEBUG CODEC_LOG:87 - Encoded message 
 MessageType : COMPARE_REQUEST
Message ID : 30
    Compare request
        Entry : 'ftOpNm=top3_1,ftObjNm=tob3_1,ou=Permissions,ou=RBAC,dc=openldap,dc=org'
        Attribute description : 'ftopnm'
        Attribute value : 'TOP3_1%failed%org.apache.directory.api.ldap.model.message.CompareRequestImpl@8d0d7923
   Proxied Authz Control
        oid : 2.16.840.1.113730.3.4.18
        critical : true
        authzid   : 'dn: uid=jtsUser1,ou=People,dc=openldap,dc=org'

Message ID : 30
    Compare Response
        Ldap Result
            Result code : (NO_SUCH_OBJECT) noSuchObject
            Matched Dn : ''
            Diagnostic message : ''


> AuditMgr.getUserAuthZ cannot pull back faileOnly
> ------------------------------------------------
>
>                 Key: FC-33
>                 URL: https://issues.apache.org/jira/browse/FC-33
>             Project: FORTRESS
>          Issue Type: Bug
>    Affects Versions: 1.0.0-RC39
>            Reporter: Shawn McKinney
>             Fix For: 1.0.0
>
>
> This search filter:
> filter += "(" + REQASSERTION + "=" + GlobalIds.AUTH_Z_FAILED_VALUE + ")";
> in AuditDAO.getAllAuthZs does not work.  It appears the reqAssertion attribute cannot
be searched on within the auditCompare object class.  Have tested with ldapbrowser and does
not pull back entries.  Will need to come up with a work around.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message