Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
1.0.2
-
None
-
None
-
Web documentation
Description
Page http://directory.apache.org/apacheds/1.0/userclasses.html has an example for "Combining Multiple UserClass Specification Mechanisms". The example shows the syntax:
userClasses
{
thisEntry,
name
,
name
,
userGroup
},
I've found that this doesn't work. What appears to work (from my code) is:
userClasses {
name
},
The when using the documented syntax, I get the following in the log:
[12:43:10] ERROR [org.apache.directory.server.core.authz.TupleCache] - ACIItem parser failure on
'null'
due to syntax error. Cannnot add ACITuples to TupleCache.
Check that the syntax of the ACI item is correct.
Until this error is fixed your security settings will not be as expected.
java.text.ParseException: Parser failure on ACIItem:
{ identificationTag "userAdminPermissions", precedence 16, authenticationLevel simple, itemOrUserFirst userFirst: { userClasses { name
, name
{ "cn=fred,ou=users,dc=mqsoftware,dc=com" }}, userPermissions { { protectedItems
{ entry, allUserAttributeTypesAndValues }, grantsAndDenials
{ grantAdd, grantDiscloseOnError, grantRead, grantRemove, grantBrowse, grantExport, grantImport, grantModify, grantRename, grantReturnDN, grantCompare, grantFilterMatch, grantInvoke } } } } }
Antlr exception trace:
User Classes cannot be duplicated. Adding duplicate keys is not permitted.
at org.apache.directory.shared.ldap.aci.ACIItemParser.parse(ACIItemParser.java:128)
at org.apache.directory.server.core.authz.TupleCache.subentryAdded(TupleCache.java:186)
at org.apache.directory.server.core.authz.AuthorizationService.add(AuthorizationService.java:383)
at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1181)
at org.apache.directory.server.core.referral.ReferralService.add(ReferralService.java:329)
at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1181)
at org.apache.directory.server.core.authn.AuthenticationService.add(AuthenticationService.java:197)
at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.add(InterceptorChain.java:1181)
at org.apache.directory.server.core.normalization.NormalizationService.add(NormalizationService.java:103)
at org.apache.directory.server.core.interceptor.InterceptorChain.add(InterceptorChain.java:706)
at org.apache.directory.server.core.partition.PartitionNexusProxy.add(PartitionNexusProxy.java:325)
at org.apache.directory.server.core.partition.PartitionNexusProxy.add(PartitionNexusProxy.java:313)
at org.apache.directory.server.core.jndi.ServerDirContext.createSubcontext(ServerDirContext.java:409)