Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-2718

Creating a user in DJ via LDAP connector with different ID in URL and payload leads to 500 but user is created anyway

    Details

      Description

      Create user in DJ via LDAP connector with different ID in URL and payload leads to 500 but user is created anyway
      This situation is documented in here http://openidm.forgerock.org/doc/integrators-guide/index.html#managing-system-objects-REST

      When you create a system object with a PUT request (that is, specifying a client-assigned ID), you should specify the ID in the URL only and not in the JSON payload. If you specify a different ID in the URL and in the JSON payload, the request will fail, with an error similar to the following:

      {
          "code":500,
          "reason":"Internal Server Error",
          "message":"The uid attribute is not single value attribute."
      }
      

      The problem is that, in that case, the user in created anyway, and then can not be read or deleted.
      => the server/connector should NOT create the user

      Steps to reproduce the problem:

      • launch OpenIDM with Sample2 (connection to OpenDJ)
      • create user:
        curl --header "If-None-Match: *" --header "Content-Type: application/json" --header "X-OpenIDM-Password: openidm-admin" --header "X-OpenIDM-Username: openidm-admin" --data '{"cn":"James Smith","dn":"uid=uid_from_data,ou=people,dc=example,dc=com","uid":"uid_from_data","sn":"Smith","givenName":"James","mail": "jsmith@examplerock.com","description":"Created by OpenIDM REST"}' --request PUT "http://localhost:8080/openidm/system/ldap/account/uid=uid_from_url,ou=people,dc=example,dc=com"
        Response Content: {"code":500,"reason":"Internal Server Error","message":"The uid attribute is not single value attribute."}
        
      • read user
        curl --header "X-OpenIDM-Password: openidm-admin" --header "X-OpenIDM-Username: openidm-admin" --request GET "http://localhost:8080/openidm/system/ldap/account/uid=uid_from_url,ou=people,dc=example,dc=com"
        Response Content: {"code":500,"reason":"Internal Server Error","message":"The uid attribute is not single value attribute."}
        
      • delete user
        curl --header "X-OpenIDM-Password: openidm-admin" --header "X-OpenIDM-Username: openidm-admin" --header "If-Match: *" --request DELETE "http://localhost:8080/openidm/system/ldap/account/uid=uid_from_url,ou=people,dc=example,dc=com"
        Response Content: {"code":500,"reason":"Internal Server Error","message":"The uid attribute is not single value attribute."}
        

      Note that the problem occurs in other situations where different IDs are provided within the payload itself:

      curl --header "If-None-Match: *" --header "Content-Type: application/json" --header "X-OpenIDM-Password: openidm-admin" --header "X-OpenIDM-Username: openidm-admin" --data '{"cn":"James Smith","dn":"uid=uid_in_dn,ou=people,dc=example,dc=com","uid":"uid_by_itself","sn":"Smith","givenName":"James","mail": "jsmith@examplerock.com","description":"Created by OpenIDM REST"}' --request PUT "http://localhost:8080/openidm/system/ldap/account/uid=uid_in_dn,ou=people,dc=example,dc=com"
      Response Content: {"code":500,"reason":"Internal Server Error","message":"The uid attribute is not single value attribute."}
      

      and also with POST:

      curl --header "Content-Type: application/json" --header "X-OpenIDM-Password: openidm-admin" --header "X-OpenIDM-Username: openidm-admin" --data '{"cn":"James Smith","dn":"uid=uid_in_dn_for_post,ou=people,dc=example,dc=com","uid":"uid_by_itself_for_post","sn":"Smith","givenName":"James","mail": "jsmith@examplerock.com","description":"Created by OpenIDM REST"}' --request POST "http://localhost:8080/openidm/system/ldap/account?_action=create"
      Response Content: {"code":500,"reason":"Internal Server Error","message":"The uid attribute is not single value attribute."}
      

        Attachments

          Activity

            People

            • Assignee:
              alin Alin Brici
              Reporter:
              laurent.bristiel Laurent Bristiel
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: