Bug 3243

Summary: cas-rights-admin with revoke
Product: CAS/SAML utilities Reporter: Archana Kumar <arckumar@in.ibm.com>
Component: CASAssignee: Rachana Ananthakrishnan <ranantha@mcs.anl.gov>
Status: RESOLVED FIXED    
Severity: normal CC: laura@isi.edu, meder@mcs.anl.gov, millerjj@us.ibm.com, nitswamy@in.ibm.com, paxhia@us.ibm.com, seelbach@us.ibm.com, tboehm@de.ibm.com, vwelch@uiuc.edu
Priority: P3    
Version: 3.9.5   
Target Milestone: 4.0.1   
Hardware: PC   
OS: Linux   

Description From 2005-04-29 01:42:25 
I am able to grant permissions on object group to the user group,
but I am unable to revoke it.

eg:
cas-rights-admin -c https://127.0.0.1:8443/wsrf/services/CASService -
s  "/O=Grid/OU=GlobusTest/OU=simpleCA-
gargya2.boeblingen.de.ibm.com/CN=host/lnxwsrf2.boeblingen.de.ibm.com" grant 
suGroup objectGroup data serviceAction file_ra add

Also on querying ,
cas-find-policies -c https://127.0.0.1:8443/wsrf/services/CASService -
s  "/O=Grid/OU=GlobusTest/OU=simpleCA-
gargya2.boeblingen.de.ibm.com/CN=host/lnxwsrf2.boeblingen.de.ibm.com" 
objectGroup data_ra
Applicable policies:
 Policy data:
 PolicyId: 129
 UserGroupName: suGroup
 Object Specification: data_ra
 Object Specification Description: objectGroup
 Action Specification: cas/grantAll
 Action Specification Description: serviceAction
Completed successfully

But revoke fails:

cas-rights-admin -c https://127.0.0.1:8443/wsrf/services/CASService -
s  "/O=Grid/OU=GlobusTest/OU=simpleCA-
gargya2.boeblingen.de.ibm.com/CN=host/lnxwsrf2.boeblingen.de.ibm.com" revoke  
suGroup objectGroup data serviceAction file_ra add

Revoke rights failed.Revoke with bad object spec description
------- Comment #1 From 2005-05-02 11:25:39 ------- 
Fix committed to trunk and globus_4_0_branch.