[jira] [Updated] (DIRSERVER-1966) Delete of ACI generates NPE

[Emmanuel Lecharny (JIRA)]

     [ 
https://issues.apache.org/jira/browse/DIRSERVER-1966?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Emmanuel Lecharny updated DIRSERVER-1966:
-----------------------------------------
    Component/s: aci

> Delete of ACI generates NPE
> ---------------------------
>
>                 Key: DIRSERVER-1966
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1966
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: aci
>    Affects Versions: 2.0.0-M16
>         Environment: Studio 2.0.0.v20130628
>            Reporter: Pierre Smits
>            Priority: Major
>
> I have created two ACI for a partition.
> The first ACI  has following content:
> dn: cn=orrtizACISubEntry,dc=orrtiz,dc=com
> objectClass: top
> objectClass: accessControlSubentry
> objectClass: subentry
> cn: orrtizACISubEntry
> prescriptiveACI: { identificationTag "directoryManagerFullAccessACI", preced
>  ence 11, authenticationLevel simple, itemOrUserFirst userFirst: { userClass
>  es { name { "cn=nl04748,ou=users,dc=orrtiz,dc=com" } }, userPermissions { {
>   protectedItems { allUserAttributeTypesAndValues, entry }, grantsAndDenials
>   { grantReturnDN, grantFilterMatch, grantBrowse, grantCompare, grantAdd, gr
>  antInvoke, grantModify, grantImport, grantDiscloseOnError, grantRename, gra
>  ntRemove, grantRead, grantExport } } } } }
> prescriptiveACI: { identificationTag "allUsersACI", precedence 10, authentic
>  ationLevel none, itemOrUserFirst userFirst: { userClasses { allUsers }, use
>  rPermissions { { protectedItems { allUserAttributeTypesAndValues, entry }, 
>  grantsAndDenials { grantReturnDN, grantFilterMatch, grantBrowse, grantCompa
>  re, grantDiscloseOnError, grantRead } }, { protectedItems { attributeType {
>   userPassword } }, grantsAndDenials { denyRead, denyFilterMatch, denyCompar
>  e } } } } }
> subtreeSpecification: { }
> accessControlSubentries: 2.5.4.3=orrtizacisubentry,0.9.2342.19200300.100.1.2
>  5=orrtiz,0.9.2342.19200300.100.1.25=com
> createTimestamp: 20140325202223.905Z
> creatorsName: 0.9.2342.19200300.100.1.1=admin,2.5.4.11=system
> entryCSN: 20140325202223.905000Z#000000#001#000000
> entryDN: cn=orrtizACISubEntry,dc=orrtiz,dc=com
> entryParentId: a22442b4-f41f-46bb-89d8-e567ed1a5800
> entryUUID:: ZWE0MTQxNTMtMzdjYS00NWU5LWE2ZTItODhkZTU2YTUzYzE2
> The second ACI has following content:
> dn: cn=orrtizAuthReqACISubEntry,dc=orrtiz,dc=com
> objectClass: top
> objectClass: accessControlSubentry
> objectClass: subentry
> cn: orrtizAuthReqACISubEntry
> prescriptiveACI: { identificationTag "directoryManagerFullAccessACI", preced
>  ence 11, authenticationLevel simple, itemOrUserFirst userFirst: { userClass
>  es { name { "cn=nl04748,ou=users,dc=orrtiz,dc=com" } }, userPermissions { {
>   protectedItems { allUserAttributeTypesAndValues, entry }, grantsAndDenials
>   { grantReturnDN, grantFilterMatch, grantBrowse, grantCompare, grantAdd, gr
>  antInvoke, grantModify, grantImport, grantDiscloseOnError, grantRename, gra
>  ntRemove, grantRead, grantExport } } } } }
> prescriptiveACI: { identificationTag "allUsersACI", precedence 10, authentic
>  ationLevel none, itemOrUserFirst userFirst: { userClasses { allUsers }, use
>  rPermissions { { protectedItems { allUserAttributeTypesAndValues, entry }, 
>  grantsAndDenials { grantReturnDN, grantFilterMatch, grantBrowse, grantCompa
>  re, grantDiscloseOnError, grantRead } }, { protectedItems { attributeType {
>   userPassword } }, grantsAndDenials { denyRead, denyFilterMatch, denyCompar
>  e } } } } }
> subtreeSpecification: { base "dc=orrtiz,dc=com" }
> accessControlSubentries: 2.5.4.3=orrtizacisubentry,0.9.2342.19200300.100.1.2
>  5=orrtiz,0.9.2342.19200300.100.1.25=com
> createTimestamp: 20140325182443.296Z
> creatorsName: 0.9.2342.19200300.100.1.1=admin,2.5.4.11=system
> entryCSN: 20140325200009.087000Z#000000#001#000000
> entryDN: cn=orrtizAuthReqACISubEntry,dc=orrtiz,dc=com
> entryParentId: a22442b4-f41f-46bb-89d8-e567ed1a5800
> entryUUID:: MWViMTQxMDktNzEzOC00NzFkLTlmYzEtZTgyMTM1NzI1ZDU1
> modifiersName: 0.9.2342.19200300.100.1.1=admin,2.5.4.11=system
> modifyTimestamp: 20140325200009.087Z
> The difference between the two is the subtreeSpecifications whereby the first 
> is {}, and the second { base "dc=orrtiz,dc=com" }
> Deleting the first ACI generates no problem. Deleting the second  ACI 
> generates following error:
> #!RESULT ERROR
> #!CONNECTION ldap://director.somonar.prd:389
> #!DATE 2014-03-25T20:38:04.044
> #!ERROR [LDAP: error code 80 - OTHER: failed for MessageType : DEL_REQUEST 
> Message ID : 23     Del request         Entry : 
> 'cn=orrtizAuthReqACISubEntry,dc=orrtiz,dc=com' 
> org.apache.directory.api.ldap.model.message.DeleteRequestImpl@90241f8: null: 
> java.lang.NullPointerException at 
> org.apache.directory.server.core.subtree.SubentryInterceptor.delete(SubentryInterceptor.java:1043)
>  at 
> org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:490)
>  at 
> org.apache.directory.server.core.operational.OperationalAttributeInterceptor.delete(OperationalAttributeInterceptor.java:462)
>  at 
> org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:490)
>  at 
> org.apache.directory.server.core.exception.ExceptionInterceptor.delete(ExceptionInterceptor.java:207)
>  at 
> org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:490)
>  at 
> org.apache.directory.server.core.admin.AdministrativePointInterceptor.delete(AdministrativePointInterceptor.java:1261)
>  at 
> org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:490)
>  at 
> org.apache.directory.server.core.authz.DefaultAuthorizationInterceptor.delete(DefaultAuthorizationInterceptor.java:172)
>  at 
> org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:490)
>  at 
> org.apache.directory.server.core.authz.AciAuthorizationInterceptor.delete(AciAuthorizationInterceptor.java:678)
>  at 
> org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:490)
>  at 
> org.apache.directory.server.core.referral.ReferralInterceptor.delete(ReferralInterceptor.java:288)
>  at 
> org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:490)
>  at 
> org.apache.directory.server.core.authn.AuthenticationInterceptor.delete(AuthenticationInterceptor.java:749)
>  at 
> org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:490)
>  at 
> org.apache.directory.server.core.normalization.NormalizationInterceptor.delete(NormalizationInterceptor.java:174)
>  at 
> org.apache.directory.server.core.DefaultOperationManager.delete(DefaultOperationManager.java:641)
>  at 
> org.apache.directory.server.core.shared.DefaultCoreSession.delete(DefaultCoreSession.java:923)
>  at 
> org.apache.directory.server.core.shared.DefaultCoreSession.delete(DefaultCoreSession.java:906)
>  at 
> org.apache.directory.server.ldap.handlers.request.DeleteRequestHandler.handle(DeleteRequestHandler.java:55)
>  at 
> org.apache.directory.server.ldap.handlers.request.DeleteRequestHandler.handle(DeleteRequestHandler.java:39)
>  at 
> org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:207)
>  at 
> org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:56)
>  at 
> org.apache.mina.handler.demux.DemuxingIoHandler.messageReceived(DemuxingIoHandler.java:221)
>  at 
> org.apache.directory.server.ldap.LdapProtocolHandler.messageReceived(LdapProtocolHandler.java:217)
>  at 
> org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:690)
>  at 
> org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417)
>  at 
> org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
>  at 
> org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:765)
>  at 
> org.apache.mina.core.filterchain.IoFilterEvent.fire(IoFilterEvent.java:74) at 
> org.apache.mina.core.session.IoEvent.run(IoEvent.java:63) at 
> org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.runTask(UnorderedThreadPoolExecutor.java:474)
>  at 
> org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.run(UnorderedThreadPoolExecutor.java:428)
>  at java.lang.Thread.run(Thread.java:662) ]
> dn: cn=orrtizAuthReqACISubEntry,dc=orrtiz,dc=com
> changetype: delete
> I did this with uid=admin,ou=system.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org
For additional commands, e-mail: dev-h...@directory.apache.org