Closed josvanroosmalen closed 5 years ago
In progress now.
Fixed in pull request #100 . Please close after merging
I'm still seeing the same issue with this branch. I did a fresh mldeploy with it and when logging in as either the wizard-user or search-user I'm getting SEC-PRIV:
2018-03-17 12:29:12.317 Notice: SEC-PRIV: xdmp:passive-security-assert(("http://marklogic.com/xdmp/privileges/admin/database", "http://marklogic.com/xdmp/privileges/admin-module-write", "http://marklogic.com/xdmp/privileges/admin/database/forests", ...), "execute") -- Need privilege: http://marklogic.com/xdmp/privileges/admin/database or http://marklogic.com/xdmp/privileges/admin-module-write or http://marklogic.com/xdmp/privileges/admin/database/forests or http://marklogic.com/xdmp/privileges/admin/database/backup or http://marklogic.com/xdmp/privileges/admin/database/index or http://marklogic.com/xdmp/privileges/admin/database/replication or http://marklogic.com/xdmp/privileges/admin/database/forest-backup or http://marklogic.com/xdmp/privileges/admin/database/10424895981685925113 or http://marklogic.com/xdmp/privileges/admin/database/forests/10424895981685925113 or http://marklogic.com/xdmp/privileges/admin/database/backup/10424895981685925113 or http://marklogic.com/xdmp/privileges/admin/database/index/10424895981685925113 or http://marklogic.com/xdmp/privileges/admin/database/replication/10424895981685925113 or http://marklogic.com/xdmp/privileges/admin/database/forest-backup/10424895981685925113
2018-03-17 12:29:12.317 Notice:+in /MarkLogic/admin.xqy, at 16081:2,
2018-03-17 12:29:12.317 Notice:+in checkDbAllPriv(xs:unsignedLong("10424895981685925113")) [1.0-ml]
2018-03-17 12:29:12.317 Notice:+ $database-id = xs:unsignedLong("10424895981685925113")
2018-03-17 12:29:12.317 Notice:+ $dbPriv = "http://marklogic.com/xdmp/privileges/admin/database/"
2018-03-17 12:29:12.317 Notice:+ $frPriv = "http://marklogic.com/xdmp/privileges/admin/database/forests"
2018-03-17 12:29:12.317 Notice:+ $bakPriv = "http://marklogic.com/xdmp/privileges/admin/database/backup"
2018-03-17 12:29:12.317 Notice:+ $indPriv = "http://marklogic.com/xdmp/privileges/admin/database/index"
2018-03-17 12:29:12.317 Notice:+ $repPriv = "http://marklogic.com/xdmp/privileges/admin/database/replication"
2018-03-17 12:29:12.317 Notice:+ $fbPriv = "http://marklogic.com/xdmp/privileges/admin/database/forest-backu..."
2018-03-17 12:29:12.317 Notice:+ $dbPrivId = "http://marklogic.com/xdmp/privileges/admin/database/104248959816..."
2018-03-17 12:29:12.317 Notice:+ $frPrivId = "http://marklogic.com/xdmp/privileges/admin/database/forests/1042..."
2018-03-17 12:29:12.317 Notice:+ $bakPrivId = "http://marklogic.com/xdmp/privileges/admin/database/backup/10424..."
2018-03-17 12:29:12.317 Notice:+ $indPrivId = "http://marklogic.com/xdmp/privileges/admin/database/index/104248..."
2018-03-17 12:29:12.317 Notice:+ $repPrivId = "http://marklogic.com/xdmp/privileges/admin/database/replication/..."
2018-03-17 12:29:12.317 Notice:+ $fbPrivId = "http://marklogic.com/xdmp/privileges/admin/database/forest-backu..."
2018-03-17 12:29:12.317 Notice:+in /MarkLogic/admin.xqy, at 17420:25,
2018-03-17 12:29:12.317 Notice:+in database-get-value(
@cskeefer is there a workaround?
@damonfeldman This looks good now. The only security-related issue I'm seeing now is addressed in #131
Closing since not an issue anymore
The recent master after merging the CRUD branch is throwing SEC-PRIV errors in case of trying to login with the wizard/search user. Reported by @markschiffner and @cskeefer