Yeah I'm on this issue. Let me knock it out.
On 4/19/07, Emmanuel Lecharny (JIRA) <[EMAIL PROTECTED]> wrote:
[
https://issues.apache.org/jira/browse/DIRSERVER-884?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12490144]
Emmanuel Lecharny commented on DIRSERVER-884:
---------------------------------------------
Interesting, Alex,
It would worth it to test this code with 1.5, where the syntaxCheckers are
active, just to check if we are not having an infinite loop.
> Authorization, Prescriptive ACI Bug - Server start fails on bad ACI
Entry
>
-------------------------------------------------------------------------
>
> Key: DIRSERVER-884
> URL: https://issues.apache.org/jira/browse/DIRSERVER-884
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.0.1, 1.5.0
> Environment: Confirmed on Windows XP and Mac OSX 10.4.8
> Reporter: Timothy Quinn
> Assigned To: Alex Karasulu
> Priority: Critical
> Fix For: 1.5.1, 1.0.2
>
>
> :: Summary ::
> ApacheDS server fails to start when a Access Control Subentry exists
that contains a malformed prescriptiveACI. Just by simply removing a single
brace from the ACI, the server startup fails on validation of the entry.
> :: Steps To Reproduce ::
> 1) Installed fresh version of ApacheDS (ok)
> 2) Started Server (ok)
> 3) Connected to server using LDAP Studio (ok)
> 4) Added administrativeRole attribute to entry (ok)
> 5) Added a good ACI Entry (copied from working sever - ok)
> 6) Removed a curly brace from the prescriptiveaci attribute (ok)
> 7) Stopped and restarted server (barf)
> ... Server barfed out the error and server fails to start!:
> ~err_snip~
> TupleCache.subentryAdded - ACIItem parser failure on 'null'. Cannnot add
ACITuples to TupleCache.
> java.text.ParseException: Parser failure on ACIItem:
> {
> identificationTag "enableSearchForAllUsers",
> precedence 14,
> .... ~skipping aci details for lack of relevance to issue~ ...
> }
> Antlr exception trace:
> unexpected token: name
> at org.apache.directory.shared.ldap.aci.ACIItemParser.parse(
ACIItemParser.java:128)
> at
org.apache.directory.server.core.authz.TupleCache.subentryAdded(
TupleCache.java:186)
> at org.apache.directory.server.core.authz.TupleCache.initialize(
TupleCache.java:139)
> at org.apache.directory.server.core.authz.TupleCache.<init>(
TupleCache.java:101)
> ~/err_snip~
> 8) Try turning off accessControlEnabled flag in config.xml (ok)
> 9) Try Starting the server (barf)
> ... This is the most intuitive step to fix it but did not help.
> ... Server will still not start up!
> :: Workaround Steps ::
> 1) Comment out Authorization bean entry in server.xml (ok)
> 2) Restarted server (ok (whew!))
> 3) Connect to and fix bad ACI Entry using LDAP Studio (ok)
> 4) Stop the server (ok)
> 5) Remove Comment of Authorization bean entry in server.xml (ok)
> 6) Restarted server (ok)
> ... YeeeHaaa - Server started without any problems =)
> Notes:
> - See ApacheDS March 2007 Users mailing list thread titled "[ApacheDS
Authorization] HELP - Server will no longer start"
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
