[jira] [Commented] (FC-33) AuditMgr.getUserAuthZ cannot pull back faileOnly

Tue, 21 Apr 2015 18:33:06 -0700 

    [ 
https://issues.apache.org/jira/browse/FC-33?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14506216#comment-14506216
 ] 

Shawn McKinney commented on FC-33:
----------------------------------

running core junit tests error against opennldap running in docker build 
openldap-for-apache-fortress-tests.

2015-04-21 19:30:012 INFO  LogUtil:57 - SESS-USRS PWPOLICY TU0
Tests run: 113, Failures: 1, Errors: 0, Skipped: 0, Time elapsed: 192.697 sec 
<<< FAILURE! - in org.apache.directory.fortress.core.rbac.FortressJUnitTest
testSearchAuthZs(org.apache.directory.fortress.core.rbac.AuditMgrImplTest)  
Time elapsed: 1.884 sec  <<< FAILURE!
junit.framework.AssertionFailedError: 
org.apache.directory.fortress.core.rbac.AuditMgrImplTestsearchAuthZs 
failedOnly=true, search authorizations user [jtsUser1], objName [TOB3_1], 
opName [TOP3_1], objId []
        at junit.framework.Assert.fail(Assert.java:57)
        at junit.framework.Assert.assertTrue(Assert.java:22)
        at junit.framework.TestCase.assertTrue(TestCase.java:192)
        at 
org.apache.directory.fortress.core.rbac.AuditMgrImplTest.searchAuthZs(AuditMgrImplTest.java:282)
        at 
org.apache.directory.fortress.core.rbac.AuditMgrImplTest.testSearchAuthZs(AuditMgrImplTest.java:247)


search fails using this filter:
(&(objectClass=auditCompare)(reqDN=ftOpNm=TOP3_1,ftObjNm=TOB3_1,ou=Permissions,ou=RBAC,dc=openldap,dc=org)(reqAuthzID=uid=jtsUser1,ou=People,dc=openldap,dc=org)(reqResult=5))

problem is slapo access log entries corresponding to failed fortress authZ are 
reqResult=32 (not reqResult=5).

> AuditMgr.getUserAuthZ cannot pull back faileOnly
> ------------------------------------------------
>
>                 Key: FC-33
>                 URL: https://issues.apache.org/jira/browse/FC-33
>             Project: FORTRESS
>          Issue Type: Bug
>    Affects Versions: 1.0.0-RC39
>            Reporter: Shawn McKinney
>             Fix For: 1.0.0
>
>
> This search filter:
> filter += "(" + REQASSERTION + "=" + GlobalIds.AUTH_Z_FAILED_VALUE + ")";
> in AuditDAO.getAllAuthZs does not work.  It appears the reqAssertion 
> attribute cannot be searched on within the auditCompare object class.  Have 
> tested with ldapbrowser and does not pull back entries.  Will need to come up 
> with a work around.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to