Actions
Bug #13913
closed
Logs full of WARN Attribute 'apiAuthorizationKind' or 'expirationTimestamp' is defined for API account but it will be ignored
Pull Request:
Severity:
Minor - inconvenience | misleading | easy workaround
UX impact:
User visibility:
Operational - other Techniques | Rudder settings | Plugins
Effort required:
Very Small
Priority:
82
Name check:
Fix check:
Regression:
Description
I'm not sure if the problem lies in Rudder or in one of user-management/api-authorization plugins, but we get into a situation where any action in Rudder leads to new logs:
WARN com.normation.rudder.repository.ldap.LDAPEntityMapper - Attribute 'apiAuthorizationKind' or 'expirationTimestamp' is defined for API account 'admin' [admin], it will be ignored because the account is of type 'user'.
LDAP entry looks like:
dn: apiAccountId=admin,ou=API Accounts,ou=Rudder,cn=rudder-configuration apiAccountId: admin objectClass: apiAccount objectClass: top cn: admin creationTimestamp: 20181023124204.477Z apiToken: xxxxxxxxxx apiTokenCreationTimestamp: 20181023124204.477Z description: API token for user 'admin' isEnabled: TRUE apiAccountKind: user structuralObjectClass: apiAccount entryUUID: ca12ae10-6b0c-1038-8970-7396c7013d6a creatorsName: cn=manager,cn=rudder-configuration createTimestamp: 20181023124204Z apiAuthorizationKind: rw entryCSN: 20181024141834.113179Z#000000#000#000000 modifiersName: cn=manager,cn=rudder-configuration modifyTimestamp: 20181024141834Z entryDN: apiAccountId=admin,ou=API Accounts,ou=Rudder,cn=rudder-configuration subschemaSubentry: cn=Subschema hasSubordinates: FALSE
So the problem is "apiAuthorizationKind". It may already be there in Rudder 4.3.
The severity is low, and in fact there's little reason for the log level to be "warn". It should be "debug".
Updated by 
Updated by 
Updated by
Actions