Return-Path: X-Original-To: apmail-directory-dev-archive@www.apache.org Delivered-To: apmail-directory-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 039CA175A9 for ; Wed, 22 Apr 2015 01:32:59 +0000 (UTC) Received: (qmail 35937 invoked by uid 500); 22 Apr 2015 01:32:58 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 35882 invoked by uid 500); 22 Apr 2015 01:32:58 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 35871 invoked by uid 99); 22 Apr 2015 01:32:58 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 22 Apr 2015 01:32:58 +0000 Date: Wed, 22 Apr 2015 01:32:58 +0000 (UTC) From: "Shawn McKinney (JIRA)" To: dev@directory.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (FC-33) AuditMgr.getUserAuthZ cannot pull back faileOnly MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/FC-33?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14506216#comment-14506216 ] Shawn McKinney commented on FC-33: ---------------------------------- running core junit tests error against opennldap running in docker build openldap-for-apache-fortress-tests. 2015-04-21 19:30:012 INFO LogUtil:57 - SESS-USRS PWPOLICY TU0 Tests run: 113, Failures: 1, Errors: 0, Skipped: 0, Time elapsed: 192.697 sec <<< FAILURE! - in org.apache.directory.fortress.core.rbac.FortressJUnitTest testSearchAuthZs(org.apache.directory.fortress.core.rbac.AuditMgrImplTest) Time elapsed: 1.884 sec <<< FAILURE! junit.framework.AssertionFailedError: org.apache.directory.fortress.core.rbac.AuditMgrImplTestsearchAuthZs failedOnly=true, search authorizations user [jtsUser1], objName [TOB3_1], opName [TOP3_1], objId [] at junit.framework.Assert.fail(Assert.java:57) at junit.framework.Assert.assertTrue(Assert.java:22) at junit.framework.TestCase.assertTrue(TestCase.java:192) at org.apache.directory.fortress.core.rbac.AuditMgrImplTest.searchAuthZs(AuditMgrImplTest.java:282) at org.apache.directory.fortress.core.rbac.AuditMgrImplTest.testSearchAuthZs(AuditMgrImplTest.java:247) search fails using this filter: (&(objectClass=auditCompare)(reqDN=ftOpNm=TOP3_1,ftObjNm=TOB3_1,ou=Permissions,ou=RBAC,dc=openldap,dc=org)(reqAuthzID=uid=jtsUser1,ou=People,dc=openldap,dc=org)(reqResult=5)) problem is slapo access log entries corresponding to failed fortress authZ are reqResult=32 (not reqResult=5). > AuditMgr.getUserAuthZ cannot pull back faileOnly > ------------------------------------------------ > > Key: FC-33 > URL: https://issues.apache.org/jira/browse/FC-33 > Project: FORTRESS > Issue Type: Bug > Affects Versions: 1.0.0-RC39 > Reporter: Shawn McKinney > Fix For: 1.0.0 > > > This search filter: > filter += "(" + REQASSERTION + "=" + GlobalIds.AUTH_Z_FAILED_VALUE + ")"; > in AuditDAO.getAllAuthZs does not work. It appears the reqAssertion attribute cannot be searched on within the auditCompare object class. Have tested with ldapbrowser and does not pull back entries. Will need to come up with a work around. -- This message was sent by Atlassian JIRA (v6.3.4#6332)