Details
Description
I recently upgraded Directory server from version 0.9 to 0.9.3. After the upgradation the JNDI call javax.naming.directory.DirContext.modifyAttributes(String name, ModificationItems[] mods)has stopped working(This call was working without any issue in 0.9). It has started failing with InvalidAttributeIdentifierException. The structure of my application data present in the LDAP server is identical in 0.9.3 to what it was in 0.9, so I am sure the call is able to resolve the name. I have also checked the contents of mods. The attributes are also present. The only difference that I have noticed is the properties file in the 2 cases. In 0.9.3 it is an xml file instead of a properties file. I am using the sample server.xml file that comes with the 0.9.3 source distribution. (In case of 0.9 I was using the sample server.properties file coming with the distribution). Also I use JXplorer as LDAP browser. There also I am noticing the identical behavior. Modification of any attribute was working in case of 0.9. But now with 0.9.3, I am not able to update any attribute through the browser.
After more testing the following is what I found.
While developing my application using 0.9, I created objects in the LDAP like
Attributes orgAttrs = new BasicAttributes(true);
orgAttrs.put(new BasicAttribute("objectclass","organizationalUnit")) ;
orgAttrs.put(new BasicAttribute("activeFlag","A")) ;
orgAttrs.put(new BasicAttribute("description","abcd")) ; .
.
.
ctx.createSubcontext("ou=domain1", orgAttrs);
Please note that I was able to create attribute "activeFlag" in this object even though I didn't do any change/insert in any schema. (description is ofcourse a predefined attribute) After creating this object, I was also able to update the value of this attribute in the following way
ModificationItem[] mods = new ModificationItem[some size here] ;
mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(("activeFlag","I"));
mods[1] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(("description","abcdNew"));
ctx.modifyAttributes("ou=domain1" , mods) ;
All the above calls were working properly in 0.9.
Now when I upgraded to 0.9.3, the update to activeFlag doesn't work, update to description works. But the creation of both activeFlag and description using the createSubContext call works.
So I think it is to do with schema, but then how does the creation work in the first place?
Following is the server.xml file that I use to start the LDAP server
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
"http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<bean id="environment" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
<property name="properties">
<props>
<prop key="asn.1.berlib.provider">org.apache.ldap.common.berlib.asn1.SnickersProvider</prop>
<!-prop key="asn.1.berlib.provider">org.apache.asn1new.ldap.TwixProvider</prop->
<prop key="java.naming.security.authentication">simple</prop>
<prop key="java.naming.security.principal">uid=admin,ou=system</prop>
<prop key="java.naming.security.credentials">secret</prop>
<prop key="java.naming.ldap.attributes.binary">photo personalSignature audio jpegPhoto javaSerializedData userPassword userCertificate cACertificate authorityRevocationList certificateRevocationList crossCertificatePair x500UniqueIdentifier krb5Key</prop>
<!-<prop key="kdc.entryBaseDn">ou=users,dc=example,dc=com</prop>->
<!-<prop key="kdc.java.naming.security.credentials">secret</prop>->
<!-<prop key="changepw.entryBaseDn">ou=users,dc=example,dc=com</prop>->
<!-<prop key="changepw.java.naming.security.credentials">secret</prop>->
</props>
</property>
</bean>
<bean id="configuration" class="org.apache.ldap.server.configuration.MutableServerStartupConfiguration">
<property name="workingDirectory"><value>example.com</value></property>
<Unable to render embedded object: File (-- Uncomment below to have the server load entries on startup) not found. -->
<!-- ldifDirectory property can point to a relative file, directory or -->
<!-- can point to an absolute path to either using the URL path -->
<!-- notation: i.e. file:///Users/jack/apacheds/ldifs -->
<!-- Entries will optionally be filtered using LdifLoadFilters in the -->
<!-- order specified. The included Krb5KdcEntryFilter will filter -->
<!-- kerberos principals creating keys for them using their -->
<!-- userPassword attribute if present. -->
<!--<property name="ldifDirectory">
<value>example.ldif</value>
</property>
<property name="ldifFilters">
<list>
<bean class="org.apache.protocol.common.store.Krb5KdcEntryFilter"/>
</list>
</property>-->
<property name="allowAnonymousAccess"><value>false</value></property>
<property name="accessControlEnabled"><value>false</value></property>
<property name="enableNtp"><value>false</value></property>
<property name="enableKerberos"><value>false</value></property>
<property name="enableChangePassword"><value>false</value></property>
<property name="ldapPort"><value>10389</value></property>
<property name="contextPartitionConfigurations">
<set>
<ref bean="examplePartitionConfiguration"/>
</set>
</property>
<property name="bootstrapSchemas">
<set>
<bean class="org.apache.ldap.server.schema.bootstrap.AutofsSchema"/>
<bean class="org.apache.ldap.server.schema.bootstrap.CorbaSchema"/>
<bean class="org.apache.ldap.server.schema.bootstrap.CoreSchema"/>
<bean class="org.apache.ldap.server.schema.bootstrap.CosineSchema"/>
<bean class="org.apache.ldap.server.schema.bootstrap.ApacheSchema"/>
<bean class="org.apache.ldap.server.schema.bootstrap.CollectiveSchema"/>
<bean class="org.apache.ldap.server.schema.bootstrap.InetorgpersonSchema"/>
<bean class="org.apache.ldap.server.schema.bootstrap.JavaSchema"/>
<bean class="org.apache.ldap.server.schema.bootstrap.Krb5kdcSchema"/>
<bean class="org.apache.ldap.server.schema.bootstrap.NisSchema"/>
<bean class="org.apache.ldap.server.schema.bootstrap.SystemSchema"/>
<bean class="org.apache.ldap.server.schema.bootstrap.ApachednsSchema"/>
</set>
</property>
<property name="interceptorConfigurations">
<list>
<bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration">
<property name="name"><value>normalizationService</value></property>
<property name="interceptor">
<bean class="org.apache.ldap.server.normalization.NormalizationService" />
</property>
</bean>
<bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration">
<property name="name"><value>authenticationService</value></property>
<property name="interceptor">
<bean class="org.apache.ldap.server.authn.AuthenticationService" />
</property>
</bean>
<bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration">
<property name="name"><value>authorizationService</value></property>
<property name="interceptor">
<bean class="org.apache.ldap.server.authz.AuthorizationService" />
</property>
</bean>
<bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration">
<property name="name"><value>oldAuthorizationService</value></property>
<property name="interceptor">
<bean class="org.apache.ldap.server.authz.OldAuthorizationService" />
</property>
</bean>
<bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration">
<property name="name"><value>exceptionService</value></property>
<property name="interceptor">
<bean class="org.apache.ldap.server.exception.ExceptionService" />
</property>
</bean>
<bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration">
<property name="name"><value>schemaService</value></property>
<property name="interceptor">
<bean class="org.apache.ldap.server.schema.SchemaService" />
</property>
</bean>
<bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration">
<property name="name"><value>subentryService</value></property>
<property name="interceptor">
<bean class="org.apache.ldap.server.subtree.SubentryService" />
</property>
</bean>
<bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration">
<property name="name"><value>operationalAttributeService</value></property>
<property name="interceptor">
<bean class="org.apache.ldap.server.operational.OperationalAttributeService" />
</property>
</bean>
<bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration">
<property name="name"><value>collectiveAttributeService</value></property>
<property name="interceptor">
<bean class="org.apache.ldap.server.collective.CollectiveAttributeService" />
</property>
</bean>
<bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration">
<property name="name"><value>eventService</value></property>
<property name="interceptor">
<bean class="org.apache.ldap.server.event.EventService" />
</property>
</bean>
</list>
</property>
</bean>
<bean id="examplePartitionConfiguration" class="org.apache.ldap.server.configuration.MutableDirectoryPartitionConfiguration">
<property name="name"><value>example</value></property>
<property name="suffix"><value>dc=example,dc=com</value></property>
<property name="indexedAttributes">
<set>
<value>dc</value>
<value>ou</value>
<value>objectClass</value>
<value>krb5PrincipalName</value>
<value>uid</value>
</set>
</property>
<property name="contextEntry">
<value>
objectClass: top
objectClass: domain
objectClass: extensibleObject
dc: example
</value>
</property>
</bean>
<bean class="org.springframework.beans.factory.config.CustomEditorConfigurer">
<property name="customEditors">
<map>
<entry key="javax.naming.directory.Attributes">
<bean class="org.apache.ldap.server.configuration.AttributesPropertyEditor"/>
</entry>
</map>
</property>
</bean>
</beans>
Attachments
Issue Links
- blocks
-
DIRSERVER-329 Adding an entry with invalid attribute
-
- Closed
-