| [higgins-dev] LDAP Schema files for higgins |
|
Hi Sergey, hi all, I open this post to indicate
a contradiction on the Higgins schema file for LDAP in the win_config.zip available
on the site http://wiki.eclipse.org/Deploy_Token_Service. I had a problem when I tried to generate a card that
uses a Personal X509 Certificate to authenticate to the IdP/STS. The card generated contained only the follow LDAP
error without claims and signatures: Exception:
javax.naming.directory.InvalidSearchFilterException: [LDAP: error code 18 - modify/add: cardKeyHash: no
equality matching rule]; remaining name 'uid=pippo,ou=identities,dc=higgins,dc=eclipse,dc=org' When I checked the higginsperson.schema
I discovered the lack of equality matching
rule in the cardKeyHash attribute. On the site http://wiki.eclipse.org/Object_Identifier_1.3.6.1.4.1.28392.1.1.2.1
I found an example of cardKeyHash schema file and tried this example for my
LDAP server. Now all work perfectly. One question: Why you use 1.3.6.1.4.1.8888.1.123 OID (I can’t
find owner info of this OID) and not the 1.3.6.4.1.28392 of the Eclipse Foundation? Could someone give me some light about this question? I hope this post could help other users. Thanks. Regards to all, Leonardo Straniero. |