Return-Path: X-Original-To: apmail-directory-dev-archive@www.apache.org Delivered-To: apmail-directory-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 2E58717A18 for ; Thu, 23 Apr 2015 02:40:44 +0000 (UTC) Received: (qmail 53809 invoked by uid 500); 23 Apr 2015 02:40:39 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 53758 invoked by uid 500); 23 Apr 2015 02:40:39 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 53444 invoked by uid 99); 23 Apr 2015 02:40:39 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 23 Apr 2015 02:40:39 +0000 Date: Thu, 23 Apr 2015 02:40:38 +0000 (UTC) From: "Shawn McKinney (JIRA)" To: dev@directory.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Comment Edited] (FC-33) AuditMgr.getUserAuthZ cannot pull back faileOnly MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/FC-33?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14508335#comment-14508335 ] Shawn McKinney edited comment on FC-33 at 4/23/15 2:40 AM: ----------------------------------------------------------- Trace request/response for each test case: 1. Successful compare operation: openldap running local env with suffix dc=example,dc=com 2015-04-22 21:23:022 DEBUG CODEC_LOG:87 - Encoded message MessageType : COMPARE_REQUEST Message ID : 30 Compare request Entry : 'ftOpNm=top3_1,ftObjNm=tob3_1,ou=Permissions,ou=RBAC,dc=example,dc=com' Attribute description : 'ftopnm' Attribute value : 'TOP3_1%failed%org.apache.directory.api.ldap.model.message.CompareRequestImpl@25012e14 Proxied Authz Control oid : 2.16.840.1.113730.3.4.18 critical : true authzid : 'dn: uid=jtsUser1,ou=People,dc=example,dc=com' Message ID : 30 Compare Response Ldap Result Result code : (COMPARE_FALSE) compareFalse Matched Dn : '' Diagnostic message : '' 2. Unsuccessful compare operation openldap running docker container with suffix dc=openldap,dc=org 2015-04-22 21:31:024 DEBUG CODEC_LOG:87 - Encoded message MessageType : COMPARE_REQUEST Message ID : 30 Compare request Entry : 'ftOpNm=top3_1,ftObjNm=tob3_1,ou=Permissions,ou=RBAC,dc=openldap,dc=org' Attribute description : 'ftopnm' Attribute value : 'TOP3_1%failed%org.apache.directory.api.ldap.model.message.CompareRequestImpl@8d0d7923 Proxied Authz Control oid : 2.16.840.1.113730.3.4.18 critical : true authzid : 'dn: uid=jtsUser1,ou=People,dc=openldap,dc=org' Message ID : 30 Compare Response Ldap Result Result code : (NO_SUCH_OBJECT) noSuchObject Matched Dn : '' Diagnostic message : '' was (Author: smckinney): Trace request/response for each test case: Successful compare operation: openldap running local env with suffix dc=example,dc=com 2015-04-22 21:23:022 DEBUG CODEC_LOG:87 - Encoded message MessageType : COMPARE_REQUEST Message ID : 30 Compare request Entry : 'ftOpNm=top3_1,ftObjNm=tob3_1,ou=Permissions,ou=RBAC,dc=example,dc=com' Attribute description : 'ftopnm' Attribute value : 'TOP3_1%failed%org.apache.directory.api.ldap.model.message.CompareRequestImpl@25012e14 Proxied Authz Control oid : 2.16.840.1.113730.3.4.18 critical : true authzid : 'dn: uid=jtsUser1,ou=People,dc=example,dc=com' Message ID : 30 Compare Response Ldap Result Result code : (COMPARE_FALSE) compareFalse Matched Dn : '' Diagnostic message : '' Unsuccessful compare operation openldap running docker container with suffix dc=openldap,dc=org 2015-04-22 21:31:024 DEBUG CODEC_LOG:87 - Encoded message MessageType : COMPARE_REQUEST Message ID : 30 Compare request Entry : 'ftOpNm=top3_1,ftObjNm=tob3_1,ou=Permissions,ou=RBAC,dc=openldap,dc=org' Attribute description : 'ftopnm' Attribute value : 'TOP3_1%failed%org.apache.directory.api.ldap.model.message.CompareRequestImpl@8d0d7923 Proxied Authz Control oid : 2.16.840.1.113730.3.4.18 critical : true authzid : 'dn: uid=jtsUser1,ou=People,dc=openldap,dc=org' Message ID : 30 Compare Response Ldap Result Result code : (NO_SUCH_OBJECT) noSuchObject Matched Dn : '' Diagnostic message : '' > AuditMgr.getUserAuthZ cannot pull back faileOnly > ------------------------------------------------ > > Key: FC-33 > URL: https://issues.apache.org/jira/browse/FC-33 > Project: FORTRESS > Issue Type: Bug > Affects Versions: 1.0.0-RC39 > Reporter: Shawn McKinney > Fix For: 1.0.0 > > > This search filter: > filter += "(" + REQASSERTION + "=" + GlobalIds.AUTH_Z_FAILED_VALUE + ")"; > in AuditDAO.getAllAuthZs does not work. It appears the reqAssertion attribute cannot be searched on within the auditCompare object class. Have tested with ldapbrowser and does not pull back entries. Will need to come up with a work around. -- This message was sent by Atlassian JIRA (v6.3.4#6332)