diff options
authorAde Lee <>2016-04-22 14:22:16 -0400
committerAde Lee <>2016-04-22 14:52:11 -0400
commit0c15fe725baad094929a26035bfeeba90f980979 (patch)
parent1bee1688399eed154d969c04dccd41e3155b09f5 (diff)
Fix problem in creating certificate requests
Some incorrect code was added to request processing in the realm patches. In the request LDAP modification code, if the realm was not present, we added a modification to remove the realm attribute. Unfortunately, if the realm was not present to begin with, this resulted in LDAP returning a "No Such Attribute (16)" error, causing all kinds of requests - including certificate requests to fail to be submitted. At this point, we do not permit users to change the realm of a request. Therefore, there is no reason to remove the realm. If we ever need to do this in future, we'll have to be smarter about it.
1 files changed, 2 insertions, 2 deletions
diff --git a/base/server/cmscore/src/com/netscape/cmscore/request/ b/base/server/cmscore/src/com/netscape/cmscore/request/
index 074bff4..a6e454d 100644
--- a/base/server/cmscore/src/com/netscape/cmscore/request/
+++ b/base/server/cmscore/src/com/netscape/cmscore/request/
@@ -198,10 +198,10 @@ public class RequestRecord
Modification.MOD_REPLACE, loadExtDataFromRequest(r));
+ // TODO(alee) - realm cannot be changed once set. Can the code be refactored to eliminate
+ // the next few lines?
if (r.getRealm() != null) {
mods.add(IRequestRecord.ATTR_REALM, Modification.MOD_REPLACE, r.getRealm());
- } else {
- mods.add(IRequestRecord.ATTR_REALM, Modification.MOD_DELETE, null);
for (int i = 0; i < mRequestA.length; i++) {