As it's currently implemented if accessControlEnabled is set to false
authz.AuthorizationService does not make any authorization operations and
just bypasses the requests (and responses). So you rproblem may be related
to something different.
I just verified again. By removing just the last close curly brace, the
start fails with the following
~snip~
2007-03-23 18:12:13,062 [Thread-0] WARN 191 TupleCache.subentryAdded -
ACIItem parser failure on 'null'. Cannnot add ACITuples to TupleCache.
java.text.ParseException: Parser failure on ACIItem:
{
identificationTag "enableSearchForADSGenReader_ACI",
precedence 10,
authenticationLevel none,
itemOrUserFirst userFirst:
{
userClasses
{
name { "uid=ADSGenReader,ou=admin,ou=system" }
},
userPermissions
{
{
protectedItems { entry, allUserAttributeTypesAndValues },
grantsAndDenials { grantRead, grantBrowse, grantReturnDN,
grantCompare, grantFilterMatch,
grantDiscloseOnError }
},
{
protectedItems { attributeType { userPassword } },
grantsAndDenials { denyRead, denyCompare, denyFilterMatch }
}
}
}
Antlr exception trace:
expecting CLOSE_CURLY, found 'null'
at org.apache.directory.shared.ldap.aci.ACIItemParser.parse(
ACIItemParser.java:128)
at org.apache.directory.server.core.authz.TupleCache.subentryAdded(
TupleCache.java:186)
~/snip~
This error shows up and the server fails to start regardless of the
accessControlEnabled setting in config.xml.
If you want, I can build up a test case on a OOTB fresh installation to make
sure that it is not related to some of my own jars.
..TQ
