Back to bug 1015481
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Martin Kosek | 2013-10-07 08:46:22 UTC | Status | NEW | ASSIGNED |
| Martin Kosek | 2013-10-07 08:59:36 UTC | Doc Text | Cause: Identity Management administration framework API contains 2 checks to verify that request on it's API can be passed further: 1. Checking if client API version is not higher than server API version - if yes, request is rejected 2. Checking if client API request does not use attribute or parameter unknown to server - if yes, request is rejected However, IdM server does the checks in improper order - first, the attribute/parameter check is done and after that, API version check is done. Consequence: When a new client (like RHEL-6.5) runs "ipa" administration tool against an older server (like RHEL-6.4), the command returns confusing error, e.g.: $ ipa user-show admin ipa: ERROR: Unknown option: no_members ipa command should have returned error stating API compatibility instead, e.g.: $ ipa user-show admin ipa: ERROR: 2.49 client incompatible with 2.46 server at u'https://ipa.server.fqdn/ipa/xml' Workaround (if any): N/A Result: | |
| Doc Type | Bug Fix | Known Issue | ||
| Eliska Slobodova | 2013-10-18 12:02:05 UTC | Doc Text | Cause: Identity Management administration framework API contains 2 checks to verify that request on it's API can be passed further: 1. Checking if client API version is not higher than server API version - if yes, request is rejected 2. Checking if client API request does not use attribute or parameter unknown to server - if yes, request is rejected However, IdM server does the checks in improper order - first, the attribute/parameter check is done and after that, API version check is done. Consequence: When a new client (like RHEL-6.5) runs "ipa" administration tool against an older server (like RHEL-6.4), the command returns confusing error, e.g.: $ ipa user-show admin ipa: ERROR: Unknown option: no_members ipa command should have returned error stating API compatibility instead, e.g.: $ ipa user-show admin ipa: ERROR: 2.49 client incompatible with 2.46 server at u'https://ipa.server.fqdn/ipa/xml' Workaround (if any): N/A Result: | Identity Management administration framework API contains two checks to verify that a request on its API can be passed further: 1. A check to see if the client API version is not higher than the server API version. If it is, the request is rejected. 2. A check to see if the client API request does not use an attribute or a parameter unknown to the server. If it does, the request is rejected. However, the Identity Management server performs the checks in an incorrect order: first, the attribute and parameter check is done and after that, the API version check is done. As a consequence, when a new client (for example, Red Hat Enterprise Linux 6.5) runs the ipa administration tool against a server with an earlier operating system (for example, Red Hat Enterprise Linux 6.4), the command returns a confusing error message; for example, instead of stating API compatibility, ipa outputs the following message: $ ipa user-show admin ipa: ERROR: Unknown option: no_members |
| Namita Soman | 2014-01-23 18:44:20 UTC | Priority | unspecified | medium |
| Ann Marie Rubin | 2014-02-04 22:20:16 UTC | Blocks | 1061410 | |
| Scott Poore | 2014-04-10 22:31:49 UTC | CC | spoore | |
| Martin Kosek | 2014-06-13 10:11:52 UTC | Status | ASSIGNED | POST |
| Martin Kosek | 2014-06-13 12:44:38 UTC | Status | POST | MODIFIED |
| Fixed In Version | ipa-3.0.0-38.el6 | |||
| errata-xmlrpc | 2014-06-13 13:09:26 UTC | Status | MODIFIED | ON_QA |
| Kaleem | 2014-08-01 12:02:39 UTC | Status | ON_QA | ASSIGNED |
| Kaleem | 2014-08-11 16:04:24 UTC | CC | mkosek | |
| Flags | needinfo?(mkosek) | |||
| Martin Kosek | 2014-08-11 17:07:43 UTC | Flags | needinfo?(mkosek) | |
| Kaleem | 2014-08-12 09:07:16 UTC | Status | ASSIGNED | VERIFIED |
| errata-xmlrpc | 2014-10-14 07:32:14 UTC | Status | VERIFIED | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2014-10-14 03:32:14 UTC |
Back to bug 1015481