| Stefan Zoerner (JIRA) 2006-04-17, 11:57 pm |
| [ http://issues.apache.org/jira/brows...action_12374641 ]
Stefan Zoerner commented on DIRSERVER-606:
------------------------------------------
Able to reproduce. It is just like Marc describes. Starting from a default RC1, I used the admin to add an entry like this:
dn: cn=Fiona Apple,ou=users,ou=system
objectclass: top
objectclass: person
cn: Fiona Apple
sn: Apple
userpassword: machine
Performing a
$ ldapsearch -h localhost -p 10389 -D "cn=Fiona Apple,ou=users,ou=system" -w machine -s one -b "ou=users,ou=system" "(objectClass=*)" dn
gives no results
I assume an error in the OldAuthorizationService component. If I comment this interceptor out in the server.xml (name=oldAuthorizationService), the search op above gives Fionas entry (and all others).
$ ldapsearch -h localhost ...
version: 1
dn: cn=Fiona Apple,ou=users,ou=system
dn: cn=Kate Bush,ou=users,ou=system
$
> ou=users, ou=system - user cannot see their own entry
> -----------------------------------------------------
>
> Key: DIRSERVER-606
> URL: http://issues.apache.org/jira/browse/DIRSERVER-606
> Project: Directory ApacheDS
> Type: Bug
> Versions: 1.0-RC1
> Environment: JDK 1.4.1
> Tried both JXplorer, and from ACEGI security
> Reporter: Marc Batchelor
> Assignee: Stefan Zoerner
> Priority: Critical
>
> User binds to ApacheDS as a user under ou=users, ou=system. The user cannot see their own entry to get their own attributes.
> Documentation states: Users cannot see other user entries under the 'ou=users,ou=system' entry.
> Agreed and understood. But, the user, after binding with the directory, cannot even find their own entry to get their own attributes.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secur...nistrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
|