Hi,
I've been going through the Oracle Fusion Middleware documentation and was trying the example here:
http://docs.oracle.com/cd/E39820_01/doc.11121/gateway_docs/content/general_rbac_openldap.html
I've got my OpenLDAP installed and configured as described in the documentation and I've used PolicyStudio 11g (11.1.2) to create my sample test policy. Again, I'm following the example in the documentation. Was anyone able to get the example to work?
When I send a request from API Gateway Explorer with uid=admin and pwd=password (this user exists under ou=R&D,o=Vordel Ltd.,l=Dublin 4,st=Dublin,c=IE) I get the following error:
RBAC check failed for role(s) [Policy Developer, API Service Administrator, API Service Developer, Server Administrator, API Server Operator, KPS Administrator, Deployer] on management service [41bc40d0-fda9-4429-9356-c252b1563752 : [POST] /vordel].
The message [Id-656af252b93c000000000000bebb5c50] logged Failure at 02.05.2014 11:44:21,177 with log description: RBAC failed for user 'admin'
HTTP/1.1 403 Access denied
The above roles are defined in acl.json file.
I've checked the OpenLDAP logs and I do see the search returning records. I also ran an LDAP query using the search criteria specified in the example where base is ou=RBAC,o=Vordel Ltd.,l=Dublin 4,st=Dublin,c=IE and search filter is (&(objectClass=groupOfNames)(member=CN=${authentication.subject.id},ou=R&D,o=Vordel Ltd.,l=Dublin 4,st=Dublin.c=IE)) and checked the output of the logs comparing them to the log output when the request is submitted from the API Gateway Explorer. Both logs match in the output generated with both returning nentries=7 and no errors.
Just curious if anyone tried this and got it to work. I'm all new to this, but I'm getting more familiar with this product suite working through this example and hitting this error.
Thanks
--
mohammed