0b9b5e8 Bug 612264 - ACI issue with (targetattr='userPassword')

Authored and Committed by nkinder 13 years ago
    Bug 612264 - ACI issue with (targetattr='userPassword')
    
    If an ACI has a targetattr of userPassword and uses the USERDN
    keyword, the ACI may not be evaluated correctly for password
    change operations.  This is caused by the fact that we use a
    dummy target entry to check if the pasword change is allowed early
    in the operation.  This dummy entry will not have any attributes
    that the ACI may use.
    
    The fix is to actually fetch the target entry with all of it's
    attributes.  We still create a dummy entry if the target doesn't
    exist to prevent returning a no such entry error  when we should be
    returning an access denied or insufficient access error.
    
        
file modified
+10 -5