[jira] Closed: (DIRSERVER-912) prescriptivACI OID is not registred in registries

Wed, 02 May 2007 07:53:38 -0700 

     [ 
https://issues.apache.org/jira/browse/DIRSERVER-912?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Emmanuel Lecharny closed DIRSERVER-912.
---------------------------------------


> prescriptivACI OID is not registred in registries
> -------------------------------------------------
>
>                 Key: DIRSERVER-912
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-912
>             Project: Directory ApacheDS
>          Issue Type: Bug
>    Affects Versions: 1.5.0
>            Reporter: Emmanuel Lecharny
>         Assigned To: Emmanuel Lecharny
>             Fix For: 1.5.1
>
>
> When doing a attributeTypeRegistry.lookup( "2.5.24.4" ), we obtain a NPE, 
> while attributeTypeRegistry.lookup( "prescriptiveACI" ) just return the 
> correct AttributeType.
> The problem is that the prescriptiveACI's OID is set to 
> 1.3.6.1.4.1.18060.0.4.1.2.12, when it should be 2.5.24.4 (as stated here : 
> http://www.alvestrand.no/objectid/2.5.24.4.html). Here are the declaration in 
> the apache.schema file :
> attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.12 NAME 'prescriptiveACI'
>   DESC 'Access control information that applies to a set of entries'
>   EQUALITY directoryStringFirstComponentMatch
>   SYNTAX 1.3.6.1.4.1.1466.115.121.1.1
>   USAGE directoryOperation )
> attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.13 NAME 'entryACI'
>   DESC 'Access control information that applies to a single entry'
>   EQUALITY directoryStringFirstComponentMatch
>   SYNTAX 1.3.6.1.4.1.1466.115.121.1.1
>   USAGE directoryOperation )
> attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.14 NAME 'subentryACI'
>   DESC 'Access control information that applies to a single subentry'
>   EQUALITY directoryStringFirstComponentMatch
>   SYNTAX 1.3.6.1.4.1.1466.115.121.1.1
>   USAGE directoryOperation )
> We can found RFC draft where those elements have a different OID (this draft 
> was a previous version of RFC 2252)
> http://tools.ietf.org/html/draft-ietf-asid-ldapv3-attributes-01 states :
> "3.4. Standard Operational Attributes
>    These attributes are defined in X.501(1993) Annexes B through E.  All
>    servers must recognize the attributes "createTimestamp",
>    "modifyTimestamp", "creatorsName", "modifiersName", "attributeTypes",
>    "objectClasses" and "subschemaSubentry".  Servers implementing X.500
>    protocols must recognize all of the attributes listed here.
>    Attribute Type Name        OID          Syntax
>    ====================       ============ ================
> ...
>    accessControlScheme        2.5.24.1     OID
>    prescriptiveACI            2.5.24.4     ACIItem
>    entryACI                   2.5.24.5     ACIItem
>    subentryACI                2.5.24.6     ACIItem"
> I would sugggest we switch to those OID numbers, to avoid potential problem 
> later (OID are unique if we use Apache OIDs, but as name should not collide 
> either, better fixing this now.)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to