[
https://issues.apache.org/jira/browse/FC-33?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14514070#comment-14514070
]
Shawn McKinney commented on FC-33:
----------------------------------
Those entries are both present on the ldap server running in docker. The
server appears to be functioning correctly because compare on command line
works:
smckinn@ubuntu:~/GIT/fortressDev/directory-fortress-core$ ldapcompare -x -D
"cn=Manager,dc=openldap,dc=org" -w secret -h 172.17.42.1 -p 32768
"ftOpNm=TOP3_1,ftObjNm=TOB3_1,ou=Permissions,ou=RBAC,dc=openldap,dc=org"
"ftopnm: TOP3_1”
TRUE
and the user, jtsuser1, is present as well:
smckinn@ubuntu:~/GIT/fortressDev/directory-fortress-core$ ldapcompare -x -D
"cn=Manager,dc=openldap,dc=org" -w secret -h 172.17.42.1 -p 32768
"uid=jtsuser1,ou=People,dc=openldap,dc=org" "uid: jtsuser1”
TRUE
But there is a difference. My program uses the proxy authorization control to
assert the end user’s identity onto the operation. Obviously this isn’t the
case on the command line op. I don’t think that is the problem here, but worth
mentioning.
Shawn McKinney
650-963-7681
> AuditMgr.getUserAuthZ cannot pull back faileOnly
> ------------------------------------------------
>
> Key: FC-33
> URL: https://issues.apache.org/jira/browse/FC-33
> Project: FORTRESS
> Issue Type: Bug
> Affects Versions: 1.0.0-RC39
> Reporter: Shawn McKinney
> Fix For: 1.0.0
>
>
> This search filter:
> filter += "(" + REQASSERTION + "=" + GlobalIds.AUTH_Z_FAILED_VALUE + ")";
> in AuditDAO.getAllAuthZs does not work. It appears the reqAssertion
> attribute cannot be searched on within the auditCompare object class. Have
> tested with ldapbrowser and does not pull back entries. Will need to come up
> with a work around.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
