Uploaded image for project: 'Directory ApacheDS'
  1. Directory ApacheDS
  2. DIRSERVER-1308

Can't delete objectClass with mandatory attribute

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.5.4
    • 1.5.5
    • schema
    • None

    Description

      It's not possible to delete an objectClass with an mandatory attribute from an entry. In my example I tried to delete object Class krb5Principal and attribue krb5PrincipalName in one request:

      --------------------------------------------------
      dn: cn=test,ou=users,ou=system
      changetype: modify
      delete: krb5PrincipalName
      -
      delete: objectClass
      objectClass: krb5Principal
      -
      --------------------------------------------------

      Here is ther server's log:
      -------------------------------------------------------------
      [11:16:22] ERROR [org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler] - OBJECT_CLASS_VIOLATION: failed for Modify Request
      Object : '2.5.4.3=test2,2.5.4.11=users,2.5.4.11=system'
      Modification[0]
      Operation : delete
      Modification
      krb5principalname: (null)
      Modification[1]
      Operation : delete
      Modification
      objectclass: krb5Principal
      : Attribute krb5PrincipalName not declared in objectClasses of entry cn=test2,ou=users,ou=system
      org.apache.directory.shared.ldap.exception.LdapSchemaViolationException: Attribute krb5PrincipalName not declared in objectClasses of entry cn=test2,ou=users,ou=system
      at org.apache.directory.server.core.schema.SchemaInterceptor.assertAllAttributesAllowed(SchemaInterceptor.java:1861)
      at org.apache.directory.server.core.schema.SchemaInterceptor.check(SchemaInterceptor.java:1692)
      at org.apache.directory.server.core.schema.SchemaInterceptor.modify(SchemaInterceptor.java:1424)
      at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.modify(InterceptorChain.java:1209)
      at org.apache.directory.server.core.operational.OperationalAttributeInterceptor.modify(OperationalAttributeInterceptor.java:198)
      at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.modify(InterceptorChain.java:1209)
      at org.apache.directory.server.core.exception.ExceptionInterceptor.modify(ExceptionInterceptor.java:367)
      at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.modify(InterceptorChain.java:1209)
      at org.apache.directory.server.core.authz.DefaultAuthorizationInterceptor.modify(DefaultAuthorizationInterceptor.java:272)
      at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.modify(InterceptorChain.java:1209)
      at org.apache.directory.server.core.authz.AciAuthorizationInterceptor.modify(AciAuthorizationInterceptor.java:565)
      at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.modify(InterceptorChain.java:1209)
      at org.apache.directory.server.core.authn.AuthenticationInterceptor.modify(AuthenticationInterceptor.java:337)
      at org.apache.directory.server.core.interceptor.InterceptorChain$Entry$1.modify(InterceptorChain.java:1209)
      at org.apache.directory.server.core.normalization.NormalizationInterceptor.modify(NormalizationInterceptor.java:127)
      at org.apache.directory.server.core.interceptor.InterceptorChain.modify(InterceptorChain.java:814)
      at org.apache.directory.server.core.DefaultOperationManager.modify(DefaultOperationManager.java:289)
      at org.apache.directory.server.core.DefaultCoreSession.modify(DefaultCoreSession.java:419)
      at org.apache.directory.server.ldap.handlers.ModifyHandler.handleIgnoringReferrals(ModifyHandler.java:58)
      at org.apache.directory.server.ldap.handlers.ModifyHandler.handleIgnoringReferrals(ModifyHandler.java:40)
      at org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler.handleWithReferrals(ReferralAwareRequestHandler.java:442)
      at org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler.handle(ReferralAwareRequestHandler.java:150)
      at org.apache.directory.server.ldap.handlers.ReferralAwareRequestHandler.handle(ReferralAwareRequestHandler.java:66)
      at org.apache.directory.server.ldap.handlers.LdapRequestHandler.messageReceived(LdapRequestHandler.java:171)
      at org.apache.directory.server.ldap.handlers.LdapRequestHandler.messageReceived(LdapRequestHandler.java:46)
      at org.apache.mina.handler.demux.DemuxingIoHandler.messageReceived(DemuxingIoHandler.java:141)
      at org.apache.directory.server.ldap.LdapProtocolHandler.messageReceived(LdapProtocolHandler.java:181)
      at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived(AbstractIoFilterChain.java:570)
      at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
      at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
      at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
      at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimpleProtocolDecoderOutput.java:58)
      at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:180)
      at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
      at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
      at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
      at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java:220)
      at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(ExecutorFilter.java:264)
      at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:650)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:675)
      at java.lang.Thread.run(Thread.java:595)
      --------------------------------------------------

      BTW: It's no problem to add a new objectClass with a mandatory attribute to an entry:
      --------------------------------------------------
      dn: cn=test,ou=users,ou=system
      changetype: modify
      add: objectClass
      objectClass: krb5Principal
      -
      add: krb5PrincipalName
      krb5PrincipalName: test
      -
      --------------------------------------------------

      Attachments

        Activity

          People

            seelmann Stefan Seelmann
            seelmann Stefan Seelmann
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: