[jira] [Commented] (FC-33) AuditMgr.getUserAuthZ cannot pull back faileOnly

Wed, 22 Apr 2015 19:37:45 -0700 

    [ 
https://issues.apache.org/jira/browse/FC-33?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14508335#comment-14508335
 ] 

Shawn McKinney commented on FC-33:
----------------------------------

Trace request/response for each test case:

Successfull compare operation:

2015-04-22 21:23:022 DEBUG CODEC_LOG:87 - Encoded message 
 MessageType : COMPARE_REQUEST
Message ID : 30
    Compare request
        Entry : 
'ftOpNm=top3_1,ftObjNm=tob3_1,ou=Permissions,ou=RBAC,dc=example,dc=com'
        Attribute description : 'ftopnm'
        Attribute value : 
'TOP3_1%failed%org.apache.directory.api.ldap.model.message.CompareRequestImpl@25012e14
    Proxied Authz Control
        oid : 2.16.840.1.113730.3.4.18
        critical : true
        authzid   : 'dn: uid=jtsUser1,ou=People,dc=example,dc=com'
Message ID : 30
    Compare Response
        Ldap Result
            Result code : (COMPARE_FALSE) compareFalse
            Matched Dn : ''
            Diagnostic message : ''



Unsuccessful compare operation

2015-04-22 21:31:024 DEBUG CODEC_LOG:87 - Encoded message 
 MessageType : COMPARE_REQUEST
Message ID : 30
    Compare request
        Entry : 
'ftOpNm=top3_1,ftObjNm=tob3_1,ou=Permissions,ou=RBAC,dc=openldap,dc=org'
        Attribute description : 'ftopnm'
        Attribute value : 
'TOP3_1%failed%org.apache.directory.api.ldap.model.message.CompareRequestImpl@8d0d7923
    Proxied Authz Control
        oid : 2.16.840.1.113730.3.4.18
        critical : true
        authzid   : 'dn: uid=jtsUser1,ou=People,dc=openldap,dc=org'

Message ID : 30
    Compare Response
        Ldap Result
            Result code : (NO_SUCH_OBJECT) noSuchObject
            Matched Dn : ''
            Diagnostic message : ''


> AuditMgr.getUserAuthZ cannot pull back faileOnly
> ------------------------------------------------
>
>                 Key: FC-33
>                 URL: https://issues.apache.org/jira/browse/FC-33
>             Project: FORTRESS
>          Issue Type: Bug
>    Affects Versions: 1.0.0-RC39
>            Reporter: Shawn McKinney
>             Fix For: 1.0.0
>
>
> This search filter:
> filter += "(" + REQASSERTION + "=" + GlobalIds.AUTH_Z_FAILED_VALUE + ")";
> in AuditDAO.getAllAuthZs does not work.  It appears the reqAssertion 
> attribute cannot be searched on within the auditCompare object class.  Have 
> tested with ldapbrowser and does not pull back entries.  Will need to come up 
> with a work around.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to