Project

General

Profile

Actions

Bug #13913

closed

Logs full of WARN Attribute 'apiAuthorizationKind' or 'expirationTimestamp' is defined for API account but it will be ignored

Added by François ARMAND almost 6 years ago. Updated over 2 years ago.

Status:
Released
Priority:
N/A
Category:
API
Target version:
Severity:
Minor - inconvenience | misleading | easy workaround
UX impact:
User visibility:
Operational - other Techniques | Rudder settings | Plugins
Effort required:
Very Small
Priority:
82
Name check:
Fix check:
Regression:

Description

I'm not sure if the problem lies in Rudder or in one of user-management/api-authorization plugins, but we get into a situation where any action in Rudder leads to new logs:

WARN  com.normation.rudder.repository.ldap.LDAPEntityMapper - Attribute 'apiAuthorizationKind' or 'expirationTimestamp' is defined for API account 'admin' [admin], it will be ignored because the account is of type 'user'.

LDAP entry looks like:

dn: apiAccountId=admin,ou=API Accounts,ou=Rudder,cn=rudder-configuration
apiAccountId: admin
objectClass: apiAccount
objectClass: top
cn: admin
creationTimestamp: 20181023124204.477Z
apiToken: xxxxxxxxxx
apiTokenCreationTimestamp: 20181023124204.477Z
description: API token for user 'admin'
isEnabled: TRUE
apiAccountKind: user
structuralObjectClass: apiAccount
entryUUID: ca12ae10-6b0c-1038-8970-7396c7013d6a
creatorsName: cn=manager,cn=rudder-configuration
createTimestamp: 20181023124204Z
apiAuthorizationKind: rw
entryCSN: 20181024141834.113179Z#000000#000#000000
modifiersName: cn=manager,cn=rudder-configuration
modifyTimestamp: 20181024141834Z
entryDN: apiAccountId=admin,ou=API Accounts,ou=Rudder,cn=rudder-configuration
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE

So the problem is "apiAuthorizationKind". It may already be there in Rudder 4.3.

The severity is low, and in fact there's little reason for the log level to be "warn". It should be "debug".


Subtasks 1 (0 open1 closed)

Bug #14220: Log "Missing API authorizations level kind for token 'admin' with id 'admin'"ReleasedNicolas CHARLESActions

Related issues 1 (0 open1 closed)

Related to Rudder - Bug #18052: Error displayed when switching from full access to read onlyReleasedElaad FURREEDANActions
Actions

Also available in: Atom PDF