directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shawn McKinney (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FC-33) AuditMgr.getUserAuthZ cannot pull back faileOnly
Date Wed, 22 Apr 2015 01:32:58 GMT

    [ https://issues.apache.org/jira/browse/FC-33?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14506216#comment-14506216
] 

Shawn McKinney commented on FC-33:
----------------------------------

running core junit tests error against opennldap running in docker build openldap-for-apache-fortress-tests.

2015-04-21 19:30:012 INFO  LogUtil:57 - SESS-USRS PWPOLICY TU0
Tests run: 113, Failures: 1, Errors: 0, Skipped: 0, Time elapsed: 192.697 sec <<<
FAILURE! - in org.apache.directory.fortress.core.rbac.FortressJUnitTest
testSearchAuthZs(org.apache.directory.fortress.core.rbac.AuditMgrImplTest)  Time elapsed:
1.884 sec  <<< FAILURE!
junit.framework.AssertionFailedError: org.apache.directory.fortress.core.rbac.AuditMgrImplTestsearchAuthZs
failedOnly=true, search authorizations user [jtsUser1], objName [TOB3_1], opName [TOP3_1],
objId []
	at junit.framework.Assert.fail(Assert.java:57)
	at junit.framework.Assert.assertTrue(Assert.java:22)
	at junit.framework.TestCase.assertTrue(TestCase.java:192)
	at org.apache.directory.fortress.core.rbac.AuditMgrImplTest.searchAuthZs(AuditMgrImplTest.java:282)
	at org.apache.directory.fortress.core.rbac.AuditMgrImplTest.testSearchAuthZs(AuditMgrImplTest.java:247)


search fails using this filter:
(&(objectClass=auditCompare)(reqDN=ftOpNm=TOP3_1,ftObjNm=TOB3_1,ou=Permissions,ou=RBAC,dc=openldap,dc=org)(reqAuthzID=uid=jtsUser1,ou=People,dc=openldap,dc=org)(reqResult=5))

problem is slapo access log entries corresponding to failed fortress authZ are reqResult=32
(not reqResult=5).

> AuditMgr.getUserAuthZ cannot pull back faileOnly
> ------------------------------------------------
>
>                 Key: FC-33
>                 URL: https://issues.apache.org/jira/browse/FC-33
>             Project: FORTRESS
>          Issue Type: Bug
>    Affects Versions: 1.0.0-RC39
>            Reporter: Shawn McKinney
>             Fix For: 1.0.0
>
>
> This search filter:
> filter += "(" + REQASSERTION + "=" + GlobalIds.AUTH_Z_FAILED_VALUE + ")";
> in AuditDAO.getAllAuthZs does not work.  It appears the reqAssertion attribute cannot
be searched on within the auditCompare object class.  Have tested with ldapbrowser and does
not pull back entries.  Will need to come up with a work around.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message