Bug 3243 – cas-rights-admin with revoke

Bug 3243 - cas-rights-admin with revoke

Summary:

cas-rights-admin with revoke

Status:	RESOLVED FIXED

Product:	CAS/SAML utilities
Component:	CAS
Version:	3.9.5
Platform:	PC Linux

Importance:	P3 normal
Target Milestone:	4.0.1
Assigned To:	Rachana Ananthakrishnan

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2005-04-29 01:42 by Archana Kumar
Modified:	2005-05-02 11:25 (History)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note

You need to log in before you can comment on or make changes to this bug.

Description From Archana Kumar 2005-04-29 01:42:25

I am able to grant permissions on object group to the user group,
but I am unable to revoke it.

eg:
cas-rights-admin -c https://127.0.0.1:8443/wsrf/services/CASService -
s  "/O=Grid/OU=GlobusTest/OU=simpleCA-
gargya2.boeblingen.de.ibm.com/CN=host/lnxwsrf2.boeblingen.de.ibm.com" grant 
suGroup objectGroup data serviceAction file_ra add

Also on querying ,
cas-find-policies -c https://127.0.0.1:8443/wsrf/services/CASService -
s  "/O=Grid/OU=GlobusTest/OU=simpleCA-
gargya2.boeblingen.de.ibm.com/CN=host/lnxwsrf2.boeblingen.de.ibm.com" 
objectGroup data_ra
Applicable policies:
 Policy data:
 PolicyId: 129
 UserGroupName: suGroup
 Object Specification: data_ra
 Object Specification Description: objectGroup
 Action Specification: cas/grantAll
 Action Specification Description: serviceAction
Completed successfully

But revoke fails:

cas-rights-admin -c https://127.0.0.1:8443/wsrf/services/CASService -
s  "/O=Grid/OU=GlobusTest/OU=simpleCA-
gargya2.boeblingen.de.ibm.com/CN=host/lnxwsrf2.boeblingen.de.ibm.com" revoke  
suGroup objectGroup data serviceAction file_ra add

Revoke rights failed.Revoke with bad object spec description

------- Comment #1 From Rachana Ananthakrishnan 2005-05-02 11:25:39 -------

Fix committed to trunk and globus_4_0_branch.