Re: [Pki-users] PKI Console - Publishing Acl Error

This bug has been fixed in the latest versions. See https://bugzilla.redhat.com/show_bug.cgi?id=621602 for details. Basically, there is a typo (one too many ||) in the acl entry: certServer.publisher.configuration You can fix this in the acl.ldif file or even through the acl configuration in the pkiconsole. Ade On Sun, 2010-10-10 at 11:41 +0200, Frederic d'Huart wrote: > Hello Pki Users, > > I have an problem to access the DogTAG Publishing tab of the > PKIConsole. > > I want to enable a new CRL File publishing object as described into > the section 8.2.1 of the admin guide. > but I receive the error "You are not allowed to perform this > operation" anytime I'm trying to access the > publishing tab and subObjects. > > The ca_log show this error > ___ > > /var/log/pki-ca/debug > > [10/Oct/2010:11:06:52][http-9445-Processor24]: > LdapBoundConnFactory.java:391:returnConn() returnConn: mNumConns now 3 > [10/Oct/2010:11:06:52][http-9445-Processor24]: > AAclAuthz.java:643:evaluateExpressions() evaluated expression: > group="Registration Manager Agents" to be true > [10/Oct/2010:11:06:52][http-9445-Processor24]: > SignedAuditEventFactory.java:78:create() SignedAuditEventFactory: > create() > message=[AuditEvent=AUTHZ_FAIL][SubjectID=admin][Outcome=Failure][aclResource=<null>][Op=<null>] authorization failure > > [10/Oct/2010:11:06:52][http-9445-Processor24]: > LdapBoundConnFactory.java:343:getConn() getConn: mNumConns now 2 > [10/Oct/2010:11:06:52][http-9445-Processor24]: > LdapBoundConnFactory.java:391:returnConn() returnConn: mNumConns now 3 > [10/Oct/2010:11:06:52][http-9445-Processor24]: > SignedAuditEventFactory.java:78:create() SignedAuditEventFactory: > create() > message=[AuditEvent=ROLE_ASSUME][SubjectID=admin][Outcome=Failure][Role=Certificate Manager Agents, Registration Manager Agents, Trusted Managers, Administrators, Security Domain Administrators, Enterprise CA Administrators, Enterprise KRA Administrators, Enterprise OCSP Administrators, Enterprise TKS Administrators, Enterprise RA Administrators, Enterprise TPS Administrators] assume privileged role > > > I have checked everywhere in the PKIConsole ACL's tab, but I didn't > find anything ... > Does somebody would have an idea how to fix it ? > > > > Thank you .. > _______________________________________________ > Pki-users mailing list > Pki-users(a)redhat.com > https://www.redhat.com/mailman/listinfo/pki-users >