[
https://issues.apache.org/jira/browse/FC-33?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14508335#comment-14508335
]
Shawn McKinney edited comment on FC-33 at 4/23/15 2:38 AM:
-----------------------------------------------------------
Trace request/response for each test case:
Successful compare operation:
openldap running local env with suffix dc=example,dc=com
2015-04-22 21:23:022 DEBUG CODEC_LOG:87 - Encoded message
MessageType : COMPARE_REQUEST
Message ID : 30
Compare request
Entry :
'ftOpNm=top3_1,ftObjNm=tob3_1,ou=Permissions,ou=RBAC,dc=example,dc=com'
Attribute description : 'ftopnm'
Attribute value :
'TOP3_1%failed%org.apache.directory.api.ldap.model.message.CompareRequestImpl@25012e14
Proxied Authz Control
oid : 2.16.840.1.113730.3.4.18
critical : true
authzid : 'dn: uid=jtsUser1,ou=People,dc=example,dc=com'
Message ID : 30
Compare Response
Ldap Result
Result code : (COMPARE_FALSE) compareFalse
Matched Dn : ''
Diagnostic message : ''
Unsuccessful compare operation
openldap running docker container with suffix dc=openldap,dc=org
2015-04-22 21:31:024 DEBUG CODEC_LOG:87 - Encoded message
MessageType : COMPARE_REQUEST
Message ID : 30
Compare request
Entry :
'ftOpNm=top3_1,ftObjNm=tob3_1,ou=Permissions,ou=RBAC,dc=openldap,dc=org'
Attribute description : 'ftopnm'
Attribute value :
'TOP3_1%failed%org.apache.directory.api.ldap.model.message.CompareRequestImpl@8d0d7923
Proxied Authz Control
oid : 2.16.840.1.113730.3.4.18
critical : true
authzid : 'dn: uid=jtsUser1,ou=People,dc=openldap,dc=org'
Message ID : 30
Compare Response
Ldap Result
Result code : (NO_SUCH_OBJECT) noSuchObject
Matched Dn : ''
Diagnostic message : ''
was (Author: smckinney):
Trace request/response for each test case:
Successfull compare operation:
2015-04-22 21:23:022 DEBUG CODEC_LOG:87 - Encoded message
MessageType : COMPARE_REQUEST
Message ID : 30
Compare request
Entry :
'ftOpNm=top3_1,ftObjNm=tob3_1,ou=Permissions,ou=RBAC,dc=example,dc=com'
Attribute description : 'ftopnm'
Attribute value :
'TOP3_1%failed%org.apache.directory.api.ldap.model.message.CompareRequestImpl@25012e14
Proxied Authz Control
oid : 2.16.840.1.113730.3.4.18
critical : true
authzid : 'dn: uid=jtsUser1,ou=People,dc=example,dc=com'
Message ID : 30
Compare Response
Ldap Result
Result code : (COMPARE_FALSE) compareFalse
Matched Dn : ''
Diagnostic message : ''
Unsuccessful compare operation
2015-04-22 21:31:024 DEBUG CODEC_LOG:87 - Encoded message
MessageType : COMPARE_REQUEST
Message ID : 30
Compare request
Entry :
'ftOpNm=top3_1,ftObjNm=tob3_1,ou=Permissions,ou=RBAC,dc=openldap,dc=org'
Attribute description : 'ftopnm'
Attribute value :
'TOP3_1%failed%org.apache.directory.api.ldap.model.message.CompareRequestImpl@8d0d7923
Proxied Authz Control
oid : 2.16.840.1.113730.3.4.18
critical : true
authzid : 'dn: uid=jtsUser1,ou=People,dc=openldap,dc=org'
Message ID : 30
Compare Response
Ldap Result
Result code : (NO_SUCH_OBJECT) noSuchObject
Matched Dn : ''
Diagnostic message : ''
> AuditMgr.getUserAuthZ cannot pull back faileOnly
> ------------------------------------------------
>
> Key: FC-33
> URL: https://issues.apache.org/jira/browse/FC-33
> Project: FORTRESS
> Issue Type: Bug
> Affects Versions: 1.0.0-RC39
> Reporter: Shawn McKinney
> Fix For: 1.0.0
>
>
> This search filter:
> filter += "(" + REQASSERTION + "=" + GlobalIds.AUTH_Z_FAILED_VALUE + ")";
> in AuditDAO.getAllAuthZs does not work. It appears the reqAssertion
> attribute cannot be searched on within the auditCompare object class. Have
> tested with ldapbrowser and does not pull back entries. Will need to come up
> with a work around.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
