Re: [ApacheDS Authorization] HELP - Server will no longer start

Mon, 26 Mar 2007 12:52:22 -0800 

Sounds like that is the case...

I will be building up an test case on an OOTB installation.

I created the bad ACIItem using an LDLAP Studio.

-TQ

On 3/25/07, Alex Karasulu <[EMAIL PROTECTED]> wrote:


The interceptor's tuple case may still be initialized even though the
interceptor is really not doing any work.  The problem is perhaps due to
it's encountering a bad ACIITem and blowing chunks.

Alex


On 3/24/07, Ersin Er <[EMAIL PROTECTED]> wrote:
>
> On 3/24/07, Tim Quinn <[EMAIL PROTECTED]> wrote:
> >
> > >
> > > As it's currently implemented if accessControlEnabled is set to
false
> > > authz.AuthorizationService does not make any authorization
operations
> > and
> > > just bypasses the requests (and responses). So you rproblem may be
> > related
> > > to something different.
> > >
> >
> >
> > I just verified again. By removing just the last close curly brace,
the
> > start fails with the following
> >
> > ~snip~
> > 2007-03-23 18:12:13,062 [Thread-0] WARN  191 TupleCache.subentryAdded-
> > ACIItem parser failure on 'null'. Cannnot add ACITuples to TupleCache.
> > java.text.ParseException: Parser failure on ACIItem:
> >         {
> >    identificationTag "enableSearchForADSGenReader_ACI",
> >    precedence 10,
> >    authenticationLevel none,
> >    itemOrUserFirst userFirst:
> >    {
> >      userClasses
> >      {
> >        name { "uid=ADSGenReader,ou=admin,ou=system" }
> >      },
> >      userPermissions
> >      {
> >        {
> >          protectedItems { entry, allUserAttributeTypesAndValues },
> >          grantsAndDenials { grantRead, grantBrowse, grantReturnDN,
> >                             grantCompare, grantFilterMatch,
> > grantDiscloseOnError }
> >        },
> >        {
> >          protectedItems { attributeType { userPassword } },
> >          grantsAndDenials { denyRead, denyCompare, denyFilterMatch }
> >        }
> >      }
> > }
> > Antlr exception trace:
> > expecting CLOSE_CURLY, found 'null'
> >         at org.apache.directory.shared.ldap.aci.ACIItemParser.parse(
> > ACIItemParser.java:128)
> >         at
> org.apache.directory.server.core.authz.TupleCache.subentryAdded
> > (
> > TupleCache.java:186)
> > ~/snip~
> >
> > This error shows up and the server fails to start regardless of the
> > accessControlEnabled setting in config.xml.
> >
> > If you want, I can build up a test case on a OOTB fresh installation
to
> > make
> > sure that it is not related to some of my own jars.
>
>
> Test cases are always greatly appreciated :-)
>
> ..TQ
> >
>
>
>
> --
> Ersin
>

Reply via email to