Re: [Openca-Users] Error 6293005: Access_control configuration error

[Michael Bell]

Hi Michael,
Michael Konietzka wrote:
Configuration error: The xml path to the access control is missing 
(/usr/local/ra//OpenCA/etc/access_control/pub.xml: 
access_control/acl_config/map_role).
Configuration error: 6293005

I am a little confused about this error, because in the pub.xml I have 
map_role:

<acl_config>
            <acl>no</acl>
            <list>/usr/local/ra/OpenCA/etc/rbac/acl.xml</list>
            <command_dir>/usr/local/ra//OpenCA/etc/rbac/cmds</command_dir>
            <module_id>32</module_id>
            
<ca_cert>/usr/local/ra//OpenCA/var/crypto/cacerts/cacert.pem</ca_cert>
            <map_role>no</map_role>
            <map_operations></map_operations>
</acl_config>

I looked in AC.pm:
   ## should we map the user to a role?
    $self->{acl}->{map_role} = $self->{cache}->get_xpath (
                                    FILENAME => $self->{configfile},
                                    XPATH    => 
'access_control/acl_config/map_role');
    if (not $self->{acl}->{map_role}) {
        $self->setError (6293005,
            $self->{gettext} ("The xml path to the access control is 
missing (__FILENAME__: access_control/acl_config/map_role).",
                              "__FILENAME__", $self->{configfile}));
        return undef;
    }
1. Do there be any errormessages in xml-chache.log?
2. Please run "xmllint -format pub.xml". If it outputs a correct XML 
file then all is ok.

3. map_role must always be "no" in pub.xml because user will never be 
authenticated (by default). This was wrong for one day after an ACL update.

BTW did you restart OpenCA after you updated the files?
Michael
--
-------------------------------------------------------------------
Michael Bell                   Email: [EMAIL PROTECTED]
ZE Computer- und Medienservice            Tel.: +49 (0)30-2093 2482
(Computing Centre)                        Fax:  +49 (0)30-2093 2704
Humboldt-University of Berlin
Unter den Linden 6
10099 Berlin                   Email (private): [EMAIL PROTECTED]
Germany                                       http://www.openca.org
-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users