Bug 3243 - cas-rights-admin with revoke
: cas-rights-admin with revoke
Status: RESOLVED FIXED
: CAS/SAML utilities
CAS
: 3.9.5
: PC Linux
: P3 normal
: 4.0.1
Assigned To:
:
:
:
:
  Show dependency treegraph
 
Reported: 2005-04-29 01:42 by
Modified: 2005-05-02 11:25 (History)


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description From 2005-04-29 01:42:25
I am able to grant permissions on object group to the user group,
but I am unable to revoke it.

eg:
cas-rights-admin -c https://127.0.0.1:8443/wsrf/services/CASService -
s  "/O=Grid/OU=GlobusTest/OU=simpleCA-
gargya2.boeblingen.de.ibm.com/CN=host/lnxwsrf2.boeblingen.de.ibm.com" grant 
suGroup objectGroup data serviceAction file_ra add

Also on querying ,
cas-find-policies -c https://127.0.0.1:8443/wsrf/services/CASService -
s  "/O=Grid/OU=GlobusTest/OU=simpleCA-
gargya2.boeblingen.de.ibm.com/CN=host/lnxwsrf2.boeblingen.de.ibm.com" 
objectGroup data_ra
Applicable policies:
 Policy data:
 PolicyId: 129
 UserGroupName: suGroup
 Object Specification: data_ra
 Object Specification Description: objectGroup
 Action Specification: cas/grantAll
 Action Specification Description: serviceAction
Completed successfully

But revoke fails:

cas-rights-admin -c https://127.0.0.1:8443/wsrf/services/CASService -
s  "/O=Grid/OU=GlobusTest/OU=simpleCA-
gargya2.boeblingen.de.ibm.com/CN=host/lnxwsrf2.boeblingen.de.ibm.com" revoke  
suGroup objectGroup data serviceAction file_ra add

Revoke rights failed.Revoke with bad object spec description
------- Comment #1 From 2005-05-02 11:25:39 -------
Fix committed to trunk and globus_4_0_branch.