directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andreas Kyrmegalos <andrea...@vivodinet.gr>
Subject Re: Unable to make ACI to work
Date Sun, 15 Jun 2008 19:35:53 GMT
Hello again,
   this is what gets logged when the aci related subentry is created:

[22:07:09] ERROR [org.apache.directory.server.core.authz.TupleCache] - 
ACIItem parser failure on
'null'
due to syntax error. Cannnot add ACITuples to TupleCache.
Check that the syntax of the ACI item is correct.
Until this error is fixed your security settings will not be as expected.
java.text.ParseException: Parser failure on ACIItem:
    {
  identificationTag "directoryManagerFullAccessACI",
  precedence 11,
  authenticationLevel simple,
  itemOrUserFirst userFirst:
  {
    userClasses{name{"uid=testme,ou=people,o=testpar"}},
    userPermissions
    {
      {
        protectedItems{entry},
        
grantsAndDenials{grantAdd,grantDiscloseOnError,grantRead,grantRemove,grantBrowse,grantExport,grantImport,grantModify,grantRename,grantReturnDN}
      },
      {
        protectedItems{allUserAttributeTypesAndValues},
        
grantsAndDenials{grantAdd,grantDiscloseOnError,grantRead,grantRemove,grantCompare,grantFilterMatch,grantInvoke}
      }
    }
  }
}
Antlr exception trace:
unexpected token: {
    at 
org.apache.directory.shared.ldap.aci.ACIItemParser.parse(ACIItemParser.java:128)
    at 
org.apache.directory.server.core.authz.TupleCache.subentryAdded(TupleCache.java:186)
    at 
org.apache.directory.server.core.authz.AuthorizationService.add(AuthorizationService.java:383)
    at 
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1181)
    at 
org.apache.directory.server.core.referral.ReferralService.add(ReferralService.java:329)
    at 
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1181)
    at 
org.apache.directory.server.core.authn.AuthenticationService.add(AuthenticationService.java:197)
    at 
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1181)
    at 
org.apache.directory.server.core.normalization.NormalizationService.add(NormalizationService.java:103)
    at 
org.apache.directory.server.core.interceptor.InterceptorChain.add(InterceptorChain.java:706)
    at 
org.apache.directory.server.core.partition.PartitionNexusProxy.add(PartitionNexusProxy.java:325)
    at 
org.apache.directory.server.core.partition.PartitionNexusProxy.add(PartitionNexusProxy.java:313)
    at 
org.apache.directory.server.core.jndi.ServerDirContext.createSubcontext(ServerDirContext.java:409)
    at javax.naming.directory.InitialDirContext.createSubcontext(Unknown 
Source)
    at 
org.apache.directory.server.ldap.support.AddHandler.messageReceived(AddHandler.java:82)
    at 
org.apache.mina.handler.demux.DemuxingIoHandler.messageReceived(DemuxingIoHandler.java:144)
    at 
org.apache.directory.server.ldap.LdapProtocolProvider$LdapProtocolHandler.messageReceived(LdapProtocolProvider.java:403)
    at 
org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived(AbstractIoFilterChain.java:703)
    at 
org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:362)
    at 
org.apache.mina.common.support.AbstractIoFilterChain.access$1200(AbstractIoFilterChain.java:54)
    at 
org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:800)
    at 
org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimpleProtocolDecoderOutput.java:60)
    at 
org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:190)
    at 
org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:362)
    at 
org.apache.mina.common.support.AbstractIoFilterChain.access$1200(AbstractIoFilterChain.java:54)
    at 
org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:800)
    at 
org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java:243)
    at 
org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(ExecutorFilter.java:305)
    at 
edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:665)
    at 
edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:690)
    at java.lang.Thread.run(Unknown Source)
[22:07:09] ERROR [org.apache.directory.server.core.authz.TupleCache] - 
ACIItem parser failure on
'null'
due to syntax error. Cannnot add ACITuples to TupleCache.
Check that the syntax of the ACI item is correct.
Until this error is fixed your security settings will not be as expected.
java.text.ParseException: Parser failure on ACIItem:
    {
  identificationTag "allUsersACI",
  precedence 10,
  authenticationLevel none,
  itemOrUserFirst userFirst:
  {
    userClasses{allUsers},
    userPermissions
    {
      {
        protectedItems{entry},
        
grantsAndDenials{grantDiscloseOnError,grantRead,grantBrowse,grantReturnDN}
      },
      {
        protectedItems{allUserAttributeTypesAndValues},
        
grantsAndDenials{grantDiscloseOnError,grantRead,grantCompare,grantFilterMatch}
      },
      {
        protectedItems{attributeType{userPassword}},
        grantsAndDenials{denyRead,denyCompare,denyFilterMatch}
      },
      {
        protectedItems{attributeValue{superUser}},
        grantsAndDenials{denyRead,denyCompare,denyFilterMatch}
      }
    }
  }
}
Antlr exception trace:
unexpected token: {
    at 
org.apache.directory.shared.ldap.aci.ACIItemParser.parse(ACIItemParser.java:128)
    at 
org.apache.directory.server.core.authz.TupleCache.subentryAdded(TupleCache.java:186)
    at 
org.apache.directory.server.core.authz.AuthorizationService.add(AuthorizationService.java:383)
    at 
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1181)
    at 
org.apache.directory.server.core.referral.ReferralService.add(ReferralService.java:329)
    at 
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1181)
    at 
org.apache.directory.server.core.authn.AuthenticationService.add(AuthenticationService.java:197)
    at 
org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1181)
    at 
org.apache.directory.server.core.normalization.NormalizationService.add(NormalizationService.java:103)
    at 
org.apache.directory.server.core.interceptor.InterceptorChain.add(InterceptorChain.java:706)
    at 
org.apache.directory.server.core.partition.PartitionNexusProxy.add(PartitionNexusProxy.java:325)
    at 
org.apache.directory.server.core.partition.PartitionNexusProxy.add(PartitionNexusProxy.java:313)
    at 
org.apache.directory.server.core.jndi.ServerDirContext.createSubcontext(ServerDirContext.java:409)
    at javax.naming.directory.InitialDirContext.createSubcontext(Unknown 
Source)
    at 
org.apache.directory.server.ldap.support.AddHandler.messageReceived(AddHandler.java:82)
    at 
org.apache.mina.handler.demux.DemuxingIoHandler.messageReceived(DemuxingIoHandler.java:144)
    at 
org.apache.directory.server.ldap.LdapProtocolProvider$LdapProtocolHandler.messageReceived(LdapProtocolProvider.java:403)
    at 
org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived(AbstractIoFilterChain.java:703)
    at 
org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:362)
    at 
org.apache.mina.common.support.AbstractIoFilterChain.access$1200(AbstractIoFilterChain.java:54)
    at 
org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:800)
    at 
org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimpleProtocolDecoderOutput.java:60)
    at 
org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:190)
    at 
org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:362)
    at 
org.apache.mina.common.support.AbstractIoFilterChain.access$1200(AbstractIoFilterChain.java:54)
    at 
org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:800)
    at 
org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java:243)
    at 
org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(ExecutorFilter.java:305)
    at 
edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:665)
    at 
edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:690)
    at java.lang.Thread.run(Unknown Source)


Hope it helps to shed some light on the matter.

Andreas

Mime
View raw message