[jira] Commented: (DIRSTUDIO-365) Can't delete entry with studio 1.1.0. works with 1.0.1

[Emmanuel Lecharny (JIRA)]

    [ 
https://issues.apache.org/jira/browse/DIRSTUDIO-365?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12618696#action_12618696
 ] 

Emmanuel Lecharny commented on DIRSTUDIO-365:
---------------------------------------------

Ok, I think I know what's going on. 

The 1.2.0 request contains a Tree Delete control, which only administrators can 
use, so you get the permission error. 
This has been added in 1.2.0. If the rootDSE contains this control, then the 
delete request is send with it added. Obviously, when you are not an admin on 
IDS, you will get a failure ... 
(http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rzahy/rzahycontrols.htm)

There is no workaround, except than using an older version ...

A fix would be to modify the Delete selection on the browser to ask if the user 
want to apply the TreeDelete control or not, plus a preference to set it by 
default, or not.

Here are the two decoded PDU :

1.2.0 :
-------
30 67
  02 01 10 : MessageId = 16
  4A 2B : Delete request
    cn=testDelete,ou=appli,ou=frisco,O=INTERNET
  A0 35 : Controls
    30 18 
      04 16
        1.2.840.113556.1.4.805 : Tree Delete Control

    30 19
      04 17
        2.16.840.1.113730.3.4.2 : Manage DSA IT LDAPv3 control


1.0.1 :
-------
30 30
  02 01 0A : MessageId = 10
  4A 2B : Delete request
    cn=testDelete,ou=appli,ou=frisco,O=INTERNET


> Can't delete entry with studio 1.1.0. works with 1.0.1
> ------------------------------------------------------
>
>                 Key: DIRSTUDIO-365
>                 URL: https://issues.apache.org/jira/browse/DIRSTUDIO-365
>             Project: Directory Studio
>          Issue Type: Bug
>          Components: studio-ldapbrowser
>    Affects Versions: 1.1.0
>         Environment: Studion 1.1.0 standalone or within an existing eclipse 
> installation. IBM directory server 
>            Reporter: Dominique Jean-Prost
>         Attachments: 1.0.1, 1.2.0, delete.ldif
>
>
> Using studio 1.0.1, I can delete an entry using the principal I usually use.
> With the same connection and studion 1.1.0, it fails telling me Error 50.
> !ENTRY org.apache.directory.studio.connection.core 4 4 2008-07-31 11:15:07.806
> !MESSAGE Error while deleting entry
> !STACK 0
> javax.naming.NoPermissionException: [LDAP: error code 50 - Insufficient 
> Access Rights]; remaining name 'cn=JLS,ou=appli,ou=frisco,o=INTERNET'
>       at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2993)
>       at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931)
>       at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2737)
>       at com.sun.jndi.ldap.LdapCtx.c_destroySubcontext(LdapCtx.java:826)
>       at 
> com.sun.jndi.toolkit.ctx.ComponentContext.p_destroySubcontext(ComponentContext.java:653)
>       at 
> com.sun.jndi.toolkit.ctx.PartialCompositeContext.destroySubcontext(PartialCompositeContext.java:336)
>       at 
> org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper$5.run(JNDIConnectionWrapper.java:717)
>       at 
> org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.runAndMonitor(JNDIConnectionWrapper.java:1047)
>       at 
> org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.checkConnectionAndRunAndMonitor(JNDIConnectionWrapper.java:978)
>       at 
> org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.deleteEntry(JNDIConnectionWrapper.java:757)
>       at 
> org.apache.directory.studio.ldapbrowser.core.jobs.DeleteEntriesJob.deleteEntry(DeleteEntriesJob.java:361)
>       at 
> org.apache.directory.studio.ldapbrowser.core.jobs.DeleteEntriesJob.optimisticDeleteEntryRecursive(DeleteEntriesJob.java:221)
>       at 
> org.apache.directory.studio.ldapbrowser.core.jobs.DeleteEntriesJob.executeNotificationJob(DeleteEntriesJob.java:143)
>       at 
> org.apache.directory.studio.ldapbrowser.core.jobs.AbstractNotificationJob.executeAsyncJob(AbstractNotificationJob.java:43)
>       at 
> org.apache.directory.studio.ldapbrowser.core.jobs.AbstractEclipseJob.run(AbstractEclipseJob.java:101)
>       at org.eclipse.core.internal.jobs.Worker.run(Worker.java:55)
> !SUBENTRY 1 org.apache.directory.studio.connection.core 4 4 2008-07-31 
> 11:15:07.806
> !MESSAGE [LDAP: error code 50 - Insufficient Access Rights]

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.