external-software/github_OpenIdentityPlatform_OpenDJ.git

parent: 5126e777 | patch | commit | ignore whitespace

Partial fix OPENDJ-194: Minor improvements to change log content and config...

Matthew Swift

09.51.2011 a2435ec46d9041f48870c10d0939d8d24800653a

Partial fix OPENDJ-194: Minor improvements to change log content and configuration

Publish original attributes from the target entry as a single value LDIF blob in "includedAttributes" in a similar manner to the "changes" attribute.

7 files modified

	opends/resource/config/config.ldif	2 ●●●●● patch \| view \| raw \| blame \| history
	opends/resource/schema/03-changelog.ldif	6 ●●●●● patch \| view \| raw \| blame \| history
	opends/src/server/org/opends/server/workflowelement/externalchangelog/ECLSearchOperation.java	55 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/staf-tests/functional-tests/testcases/aci/aci.xml	2 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/staf-tests/functional-tests/testcases/privileges/privileges.xml	2 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/staf-tests/functional-tests/testcases/security/security.xml	2 ●●●●● patch \| view \| raw \| blame \| history
	opends/tests/unit-tests-testng/src/server/org/opends/server/replication/ExternalChangeLogTest.java	38 ●●●●● patch \| view \| raw \| blame \| history

 opends/resource/config/config.ldif

@@ -76,7 +76,7 @@
ds-cfg-global-aci: (extop="1.3.6.1.4.1.26027.1.6.1 || 1.3.6.1.4.1.26027.1.6.3 || 1.3.6.1.4.1.4203.1.11.1 || 1.3.6.1.4.1.1466.20037 || 1.3.6.1.4.1.4203.1.11.3") (version 3.0; acl "Anonymous extended operation access"; allow(read) userdn="ldap:///anyone";)
ds-cfg-global-aci: (targetcontrol="2.16.840.1.113730.3.4.2 || 2.16.840.1.113730.3.4.17 || 2.16.840.1.113730.3.4.19 || 1.3.6.1.4.1.4203.1.10.2 || 1.3.6.1.4.1.42.2.27.8.5.1 || 2.16.840.1.113730.3.4.16") (version 3.0; acl "Anonymous control access"; allow(read) userdn="ldap:///anyone";)
ds-cfg-global-aci: (targetcontrol="1.3.6.1.1.12 || 1.3.6.1.1.13.1 || 1.3.6.1.1.13.2 || 1.2.840.113556.1.4.319 || 1.2.826.0.1.3344810.2.3 || 2.16.840.1.113730.3.4.18 || 2.16.840.1.113730.3.4.9 || 1.2.840.113556.1.4.473 || 1.3.6.1.4.1.42.2.27.9.5.9") (version 3.0; acl "Authenticated users control access"; allow(read) userdn="ldap:///all";)
ds-cfg-global-aci: (targetattr!="userPassword||authPassword||changes||changeNumber||changeType||changeTime||targetDN||newRDN||newSuperior||deleteOldRDN||targetEntryUUID||changeInitiatorsName||changeLogCookie")(version 3.0; acl "Anonymous read access"; allow (read,search,compare) userdn="ldap:///anyone";)
ds-cfg-global-aci: (targetattr!="userPassword||authPassword||changes||changeNumber||changeType||changeTime||targetDN||newRDN||newSuperior||deleteOldRDN||targetEntryUUID||changeInitiatorsName||changeLogCookie||includedAttributes")(version 3.0; acl "Anonymous read access"; allow (read,search,compare) userdn="ldap:///anyone";)
ds-cfg-global-aci: (targetattr="audio||authPassword||description||displayName||givenName||homePhone||homePostalAddress||initials||jpegPhoto||labeledURI||mobile||pager||postalAddress||postalCode||preferredLanguage||telephoneNumber||userPassword")(version 3.0; acl "Self entry modification"; allow (write) userdn="ldap:///self";)
ds-cfg-global-aci: (targetattr="userPassword||authPassword")(version 3.0; acl "Self entry read"; allow (read,search,compare) userdn="ldap:///self";)
ds-cfg-global-aci: (target="ldap:///cn=schema")(targetscope="base")(targetattr="objectClass||attributeTypes||dITContentRules||dITStructureRules||ldapSyntaxes||matchingRules||matchingRuleUse||nameForms||objectClasses")(version 3.0; acl "User-Visible Schema Operational Attributes"; allow (read,search,compare) userdn="ldap:///anyone";)

 opends/resource/schema/03-changelog.ldif

@@ -97,6 +97,12 @@
  SINGLE-VALUE
  USAGE directoryOperation
  X-ORIGIN 'OpenDS Directory Server' )
attributeTypes: ( 1.3.6.1.4.1.36733.2.1.1.6 NAME 'includedAttributes'
  DESC 'A set of attributes which were part of the entry before the changes were applied'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
  SINGLE-VALUE
  USAGE directoryOperation
  X-ORIGIN 'OpenDJ Directory Server' )
objectClasses: ( 2.16.840.1.113730.3.2.1 NAME 'changeLogEntry' SUP top
  STRUCTURAL 
  MUST ( changeNumber $ targetDN $ changeType $ changeTime )

 opends/src/server/org/opends/server/workflowelement/externalchangelog/ECLSearchOperation.java

@@ -30,7 +30,6 @@


import static org.opends.messages.CoreMessages.*;
import static org.opends.messages.ReplicationMessages.*;
import static org.opends.server.config.ConfigConstants.*;
import static org.opends.server.loggers.ErrorLogger.logError;
import static org.opends.server.loggers.debug.DebugLogger.debugEnabled;
@@ -791,7 +790,7 @@
          .getCookie().toString(), DN.decode(addMsg.getDn()),
          addMsg.getChangeNumber(), ldifChanges, // entry as created (in LDIF
                                                 // format)
          addMsg.getUniqueId(), null, // real time current entry
          addMsg.getUniqueId(),
          eclAttributes, // entry attributes
          eclmsg.getDraftChangeNumber(), "add", changeInitiatorsName);

@@ -859,7 +858,6 @@
          .getCookie().toString(), DN.decode(modifyMsg.getDn()),
          modifyMsg.getChangeNumber(), ldifChanges,
          modifyMsg.getUniqueId(),
          null, // real time current entry
          modifyMsg.getEclIncludes(), // entry attributes
          eclmsg.getDraftChangeNumber(), changeType,
          changeInitiatorsName);
@@ -892,7 +890,7 @@
          .getCookie().toString(), DN.decode(delMsg.getDn()),
          delMsg.getChangeNumber(),
          null, // no changes
          delMsg.getUniqueId(), null,
          delMsg.getUniqueId(),
          delMsg.getEclIncludes(), // entry attributes
          eclmsg.getDraftChangeNumber(), "delete",
          delMsg.getInitiatorsName());
@@ -971,8 +969,7 @@
   * @param changeNumber    The provided replication changeNumber.
   * @param clearLDIFchanges     The provided LDIF changes for ADD and MODIFY
   * @param targetUUID      The provided targetUUID.
   * @param entry           The provided related current entry.
   * @param histEntryAttributes TODO:ECL Adress hist entry attributes
   * @param includedAttributes TODO:ECL Adress hist entry attributes
   * @param draftChangenumber The provided draft change number (integer)
   * @param changetype      The provided change type (add, ...)
   * @param changeInitiatorsName The provided initiatiors name
@@ -987,8 +984,7 @@
      ChangeNumber changeNumber,
      String clearLDIFchanges,
      String targetUUID,
      Entry entry,
      List<RawAttribute> histEntryAttributes,
      List<RawAttribute> includedAttributes,
      int draftChangenumber,
      String changetype,
      String changeInitiatorsName)
@@ -1204,27 +1200,38 @@
    else
      uAttrs.put(aType, attrList);

    if (histEntryAttributes != null)
    if (includedAttributes != null && !includedAttributes.isEmpty())
    {
      for (RawAttribute ra : histEntryAttributes)
      StringBuilder builder = new StringBuilder(256);
      for (RawAttribute includedAttribute : includedAttributes)
      {
        try
        String name = includedAttribute.getAttributeType();
        for (ByteString value : includedAttribute.getValues())
        {
          String attrName = ra.getAttributeType().toLowerCase();
          String eclName = "target" + attrName;
          AttributeBuilder builder = new AttributeBuilder(
              DirectoryServer.getDefaultAttributeType(eclName));
          AttributeType at = builder.getAttributeType();
          builder.setOptions(ra.toAttribute().getOptions());
          builder.addAll(ra.toAttribute());
          attrList = new ArrayList<Attribute>(1);
          attrList.add(builder.toAttribute());
          uAttrs.put(at, attrList);
          builder.append(name);
          appendLDIFSeparatorAndValue(builder, value);
          builder.append('\n');
        }
        catch(Exception e)
        {
      }
      String includedAttributesLDIF = builder.toString();

        }
      if ((aType = DirectoryServer
          .getAttributeType("includedattributes")) == null)
      {
        aType = DirectoryServer
            .getDefaultAttributeType("includedAttributes");
      }
      a = Attributes.create(aType, includedAttributesLDIF);
      attrList = new ArrayList<Attribute>(1);
      attrList.add(a);

      if (aType.isOperational())
      {
        operationalAttrs.put(aType, attrList);
      }
      else
      {
        uAttrs.put(aType, attrList);
      }
    }


 opends/tests/staf-tests/functional-tests/testcases/aci/aci.xml

@@ -48,7 +48,7 @@
            
            <script>
              CurrentTestPath['group']='aci'
              GLOBAL_ACI_SEARCH="(targetattr!=\"userPassword||authPassword||changes||changeNumber||changeType||changeTime||targetDN||newRDN||newSuperior||deleteOldRDN||targetEntryUUID||changeInitiatorsName||changeLogCookie\")(version 3.0; acl \"Anonymous read access\"; allow (read,search,compare) userdn=\"ldap:///anyone\";)"
              GLOBAL_ACI_SEARCH="(targetattr!=\"userPassword||authPassword||changes||changeNumber||changeType||changeTime||targetDN||newRDN||newSuperior||deleteOldRDN||targetEntryUUID||changeInitiatorsName||changeLogCookie||includedAttributes\")(version 3.0; acl \"Anonymous read access\"; allow (read,search,compare) userdn=\"ldap:///anyone\";)"
            </script>
            
            <call function="'testGroup_Preamble'"/>

 opends/tests/staf-tests/functional-tests/testcases/privileges/privileges.xml

@@ -47,7 +47,7 @@
              CurrentTestPath['group']='privileges'
              _group=CurrentTestPath['group']
              
              GLOBAL_ACI_SEARCH="(targetattr!=\"userPassword||authPassword||changes||changeNumber||changeType||changeTime||targetDN||newRDN||newSuperior||deleteOldRDN||targetEntryUUID||changeInitiatorsName||changeLogCookie\")(version 3.0; acl \"Anonymous read access\"; allow (read,search,compare) userdn=\"ldap:///anyone\";)"
              GLOBAL_ACI_SEARCH="(targetattr!=\"userPassword||authPassword||changes||changeNumber||changeType||changeTime||targetDN||newRDN||newSuperior||deleteOldRDN||targetEntryUUID||changeInitiatorsName||changeLogCookie||includedAttributes\")(version 3.0; acl \"Anonymous read access\"; allow (read,search,compare) userdn=\"ldap:///anyone\";)"
            </script>
            <call function="'testGroup_Preamble'" />
            <script>

 opends/tests/staf-tests/functional-tests/testcases/security/security.xml

@@ -47,7 +47,7 @@
              CurrentTestPath['group']='security'
              _group=CurrentTestPath['group']

              GLOBAL_ACI_SEARCH="(targetattr!=\"userPassword||authPassword||changes||changeNumber||changeType||changeTime||targetDN||newRDN||newSuperior||deleteOldRDN||targetEntryUUID||changeInitiatorsName||changeLogCookie\")(version 3.0; acl \"Anonymous read access\"; allow (read,search,compare) userdn=\"ldap:///anyone\";)"
              GLOBAL_ACI_SEARCH="(targetattr!=\"userPassword||authPassword||changes||changeNumber||changeType||changeTime||targetDN||newRDN||newSuperior||deleteOldRDN||targetEntryUUID||changeInitiatorsName||changeLogCookie||includedAttributes\")(version 3.0; acl \"Anonymous read access\"; allow (read,search,compare) userdn=\"ldap:///anyone\";)"
            </script>
            <call function="'testGroup_Preamble'" />
            <script>

 opends/tests/unit-tests-testng/src/server/org/opends/server/replication/ExternalChangeLogTest.java

@@ -218,7 +218,7 @@
   * Launcher.
   */
  @Test(enabled=true)
  public void ECLReplicationServerTest()
  public void ECLReplicationServerTest() throws Exception
  {
    // No RSDomain created yet => RS only case => ECL is not a supported
    ECLIsNotASupportedSuffix();
@@ -3982,7 +3982,7 @@
   * Test ECl entry attributes, and there configuration.
   *
   */
  private void ECLIncludeAttributes()
  private void ECLIncludeAttributes() throws Exception
  {
    String tn = "ECLIncludeAttributes";
    debugInfo(tn, "Starting test\n\n");
@@ -4176,28 +4176,32 @@
          s += "Entry:" + resultEntry.toLDIFString();

          String targetdn = getAttributeValue(resultEntry, "targetdn");

          if ((targetdn.endsWith("cn=robert hue,o=test3"))
            ||(targetdn.endsWith("cn=robert hue2,o=test3")))
          {
            Entry targetEntry = parseIncludedAttributes(resultEntry,
                targetdn);

            HashSet<String> eoc = new HashSet<String>();
            eoc.add("person");eoc.add("inetOrgPerson");eoc.add("organizationalPerson");eoc.add("top");
            checkValues(resultEntry,"targetobjectclass",eoc);
            assertEquals(targetEntry.getAttributes().size(), 0); // objectClass is handled separately
            checkValues(targetEntry,"objectclass",eoc);
          }
          if (targetdn.endsWith("cn=fiona jensen,o=test2"))
          {
            checkValue(resultEntry,"targetsn","jensen");
            checkValue(resultEntry,"targetcn","Fiona Jensen");
            Entry targetEntry = parseIncludedAttributes(resultEntry,
                targetdn);

            assertEquals(targetEntry.getAttributes().size(), 2);
            checkValue(targetEntry,"sn","jensen");
            checkValue(targetEntry,"cn","Fiona Jensen");
          }
          checkValue(resultEntry,"changeinitiatorsname", "cn=Internal Client,cn=Root DNs,cn=config");
        }
      }
      assertEquals(entries.size(),8, "Entries number returned by search" + s);
    }
    catch(Exception e)
    {
      fail("Ending "+tn+" test with exception:\n"
          +  stackTraceToSingleLineString(e));
    }
    finally
    {
      try
@@ -4239,6 +4243,20 @@
    debugInfo(tn, "Ending test with success");
  }

  private Entry parseIncludedAttributes(
      SearchResultEntry resultEntry, String targetdn)
      throws Exception
  {
    // Parse includedAttributes as an entry.
    String includedAttributes = getAttributeValue(resultEntry, "includedattributes");
    String[] ldifAttributeLines = includedAttributes.split("\\n");
    String[] ldif = new String[ldifAttributeLines.length + 1];
    System.arraycopy(ldifAttributeLines, 0, ldif, 1, ldifAttributeLines.length);
    ldif[0] = "dn: " + targetdn;
    Entry targetEntry = TestCaseUtils.makeEntry(ldif);
    return targetEntry;
  }

  private void waitOpResult(AbstractOperation operation,
      ResultCode expectedResult)
  {

			@@ -76,7 +76,7 @@
			ds-cfg-global-aci: (extop="1.3.6.1.4.1.26027.1.6.1 \|\| 1.3.6.1.4.1.26027.1.6.3 \|\| 1.3.6.1.4.1.4203.1.11.1 \|\| 1.3.6.1.4.1.1466.20037 \|\| 1.3.6.1.4.1.4203.1.11.3") (version 3.0; acl "Anonymous extended operation access"; allow(read) userdn="ldap:///anyone";)
			ds-cfg-global-aci: (targetcontrol="2.16.840.1.113730.3.4.2 \|\| 2.16.840.1.113730.3.4.17 \|\| 2.16.840.1.113730.3.4.19 \|\| 1.3.6.1.4.1.4203.1.10.2 \|\| 1.3.6.1.4.1.42.2.27.8.5.1 \|\| 2.16.840.1.113730.3.4.16") (version 3.0; acl "Anonymous control access"; allow(read) userdn="ldap:///anyone";)
			ds-cfg-global-aci: (targetcontrol="1.3.6.1.1.12 \|\| 1.3.6.1.1.13.1 \|\| 1.3.6.1.1.13.2 \|\| 1.2.840.113556.1.4.319 \|\| 1.2.826.0.1.3344810.2.3 \|\| 2.16.840.1.113730.3.4.18 \|\| 2.16.840.1.113730.3.4.9 \|\| 1.2.840.113556.1.4.473 \|\| 1.3.6.1.4.1.42.2.27.9.5.9") (version 3.0; acl "Authenticated users control access"; allow(read) userdn="ldap:///all";)
			ds-cfg-global-aci: (targetattr!="userPassword\|\|authPassword\|\|changes\|\|changeNumber\|\|changeType\|\|changeTime\|\|targetDN\|\|newRDN\|\|newSuperior\|\|deleteOldRDN\|\|targetEntryUUID\|\|changeInitiatorsName\|\|changeLogCookie")(version 3.0; acl "Anonymous read access"; allow (read,search,compare) userdn="ldap:///anyone";)
			ds-cfg-global-aci: (targetattr!="userPassword\|\|authPassword\|\|changes\|\|changeNumber\|\|changeType\|\|changeTime\|\|targetDN\|\|newRDN\|\|newSuperior\|\|deleteOldRDN\|\|targetEntryUUID\|\|changeInitiatorsName\|\|changeLogCookie\|\|includedAttributes")(version 3.0; acl "Anonymous read access"; allow (read,search,compare) userdn="ldap:///anyone";)
			ds-cfg-global-aci: (targetattr="audio\|\|authPassword\|\|description\|\|displayName\|\|givenName\|\|homePhone\|\|homePostalAddress\|\|initials\|\|jpegPhoto\|\|labeledURI\|\|mobile\|\|pager\|\|postalAddress\|\|postalCode\|\|preferredLanguage\|\|telephoneNumber\|\|userPassword")(version 3.0; acl "Self entry modification"; allow (write) userdn="ldap:///self";)
			ds-cfg-global-aci: (targetattr="userPassword\|\|authPassword")(version 3.0; acl "Self entry read"; allow (read,search,compare) userdn="ldap:///self";)
			ds-cfg-global-aci: (target="ldap:///cn=schema")(targetscope="base")(targetattr="objectClass\|\|attributeTypes\|\|dITContentRules\|\|dITStructureRules\|\|ldapSyntaxes\|\|matchingRules\|\|matchingRuleUse\|\|nameForms\|\|objectClasses")(version 3.0; acl "User-Visible Schema Operational Attributes"; allow (read,search,compare) userdn="ldap:///anyone";)

			@@ -97,6 +97,12 @@
			SINGLE-VALUE
			USAGE directoryOperation
			X-ORIGIN 'OpenDS Directory Server' )
			attributeTypes: ( 1.3.6.1.4.1.36733.2.1.1.6 NAME 'includedAttributes'
			DESC 'A set of attributes which were part of the entry before the changes were applied'
			SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
			SINGLE-VALUE
			USAGE directoryOperation
			X-ORIGIN 'OpenDJ Directory Server' )
			objectClasses: ( 2.16.840.1.113730.3.2.1 NAME 'changeLogEntry' SUP top
			STRUCTURAL
			MUST ( changeNumber $ targetDN $ changeType $ changeTime )

			@@ -30,7 +30,6 @@


			import static org.opends.messages.CoreMessages.*;
			import static org.opends.messages.ReplicationMessages.*;
			import static org.opends.server.config.ConfigConstants.*;
			import static org.opends.server.loggers.ErrorLogger.logError;
			import static org.opends.server.loggers.debug.DebugLogger.debugEnabled;
			@@ -791,7 +790,7 @@
			.getCookie().toString(), DN.decode(addMsg.getDn()),
			addMsg.getChangeNumber(), ldifChanges, // entry as created (in LDIF
			// format)
			addMsg.getUniqueId(), null, // real time current entry
			addMsg.getUniqueId(),
			eclAttributes, // entry attributes
			eclmsg.getDraftChangeNumber(), "add", changeInitiatorsName);

			@@ -859,7 +858,6 @@
			.getCookie().toString(), DN.decode(modifyMsg.getDn()),
			modifyMsg.getChangeNumber(), ldifChanges,
			modifyMsg.getUniqueId(),
			null, // real time current entry
			modifyMsg.getEclIncludes(), // entry attributes
			eclmsg.getDraftChangeNumber(), changeType,
			changeInitiatorsName);
			@@ -892,7 +890,7 @@
			.getCookie().toString(), DN.decode(delMsg.getDn()),
			delMsg.getChangeNumber(),
			null, // no changes
			delMsg.getUniqueId(), null,
			delMsg.getUniqueId(),
			delMsg.getEclIncludes(), // entry attributes
			eclmsg.getDraftChangeNumber(), "delete",
			delMsg.getInitiatorsName());
			@@ -971,8 +969,7 @@
			* @param changeNumber The provided replication changeNumber.
			* @param clearLDIFchanges The provided LDIF changes for ADD and MODIFY
			* @param targetUUID The provided targetUUID.
			* @param entry The provided related current entry.
			* @param histEntryAttributes TODO:ECL Adress hist entry attributes
			* @param includedAttributes TODO:ECL Adress hist entry attributes
			* @param draftChangenumber The provided draft change number (integer)
			* @param changetype The provided change type (add, ...)
			* @param changeInitiatorsName The provided initiatiors name
			@@ -987,8 +984,7 @@
			ChangeNumber changeNumber,
			String clearLDIFchanges,
			String targetUUID,
			Entry entry,
			List<RawAttribute> histEntryAttributes,
			List<RawAttribute> includedAttributes,
			int draftChangenumber,
			String changetype,
			String changeInitiatorsName)
			@@ -1204,27 +1200,38 @@
			else
			uAttrs.put(aType, attrList);

			if (histEntryAttributes != null)
			if (includedAttributes != null && !includedAttributes.isEmpty())
			{
			for (RawAttribute ra : histEntryAttributes)
			StringBuilder builder = new StringBuilder(256);
			for (RawAttribute includedAttribute : includedAttributes)
			{
			try
			String name = includedAttribute.getAttributeType();
			for (ByteString value : includedAttribute.getValues())
			{
			String attrName = ra.getAttributeType().toLowerCase();
			String eclName = "target" + attrName;
			AttributeBuilder builder = new AttributeBuilder(
			DirectoryServer.getDefaultAttributeType(eclName));
			AttributeType at = builder.getAttributeType();
			builder.setOptions(ra.toAttribute().getOptions());
			builder.addAll(ra.toAttribute());
			attrList = new ArrayList<Attribute>(1);
			attrList.add(builder.toAttribute());
			uAttrs.put(at, attrList);
			builder.append(name);
			appendLDIFSeparatorAndValue(builder, value);
			builder.append('\n');
			}
			catch(Exception e)
			{
			}
			String includedAttributesLDIF = builder.toString();

			}
			if ((aType = DirectoryServer
			.getAttributeType("includedattributes")) == null)
			{
			aType = DirectoryServer
			.getDefaultAttributeType("includedAttributes");
			}
			a = Attributes.create(aType, includedAttributesLDIF);
			attrList = new ArrayList<Attribute>(1);
			attrList.add(a);

			if (aType.isOperational())
			{
			operationalAttrs.put(aType, attrList);
			}
			else
			{
			uAttrs.put(aType, attrList);
			}
			}

			@@ -48,7 +48,7 @@

			<script>
			CurrentTestPath['group']='aci'
			GLOBAL_ACI_SEARCH="(targetattr!=\"userPassword\|\|authPassword\|\|changes\|\|changeNumber\|\|changeType\|\|changeTime\|\|targetDN\|\|newRDN\|\|newSuperior\|\|deleteOldRDN\|\|targetEntryUUID\|\|changeInitiatorsName\|\|changeLogCookie\")(version 3.0; acl \"Anonymous read access\"; allow (read,search,compare) userdn=\"ldap:///anyone\";)"
			GLOBAL_ACI_SEARCH="(targetattr!=\"userPassword\|\|authPassword\|\|changes\|\|changeNumber\|\|changeType\|\|changeTime\|\|targetDN\|\|newRDN\|\|newSuperior\|\|deleteOldRDN\|\|targetEntryUUID\|\|changeInitiatorsName\|\|changeLogCookie\|\|includedAttributes\")(version 3.0; acl \"Anonymous read access\"; allow (read,search,compare) userdn=\"ldap:///anyone\";)"
			</script>

			<call function="'testGroup_Preamble'"/>

			@@ -47,7 +47,7 @@
			CurrentTestPath['group']='privileges'
			_group=CurrentTestPath['group']

			GLOBAL_ACI_SEARCH="(targetattr!=\"userPassword\|\|authPassword\|\|changes\|\|changeNumber\|\|changeType\|\|changeTime\|\|targetDN\|\|newRDN\|\|newSuperior\|\|deleteOldRDN\|\|targetEntryUUID\|\|changeInitiatorsName\|\|changeLogCookie\")(version 3.0; acl \"Anonymous read access\"; allow (read,search,compare) userdn=\"ldap:///anyone\";)"
			GLOBAL_ACI_SEARCH="(targetattr!=\"userPassword\|\|authPassword\|\|changes\|\|changeNumber\|\|changeType\|\|changeTime\|\|targetDN\|\|newRDN\|\|newSuperior\|\|deleteOldRDN\|\|targetEntryUUID\|\|changeInitiatorsName\|\|changeLogCookie\|\|includedAttributes\")(version 3.0; acl \"Anonymous read access\"; allow (read,search,compare) userdn=\"ldap:///anyone\";)"
			</script>
			<call function="'testGroup_Preamble'" />
			<script>

			@@ -47,7 +47,7 @@
			CurrentTestPath['group']='security'
			_group=CurrentTestPath['group']

			GLOBAL_ACI_SEARCH="(targetattr!=\"userPassword\|\|authPassword\|\|changes\|\|changeNumber\|\|changeType\|\|changeTime\|\|targetDN\|\|newRDN\|\|newSuperior\|\|deleteOldRDN\|\|targetEntryUUID\|\|changeInitiatorsName\|\|changeLogCookie\")(version 3.0; acl \"Anonymous read access\"; allow (read,search,compare) userdn=\"ldap:///anyone\";)"
			GLOBAL_ACI_SEARCH="(targetattr!=\"userPassword\|\|authPassword\|\|changes\|\|changeNumber\|\|changeType\|\|changeTime\|\|targetDN\|\|newRDN\|\|newSuperior\|\|deleteOldRDN\|\|targetEntryUUID\|\|changeInitiatorsName\|\|changeLogCookie\|\|includedAttributes\")(version 3.0; acl \"Anonymous read access\"; allow (read,search,compare) userdn=\"ldap:///anyone\";)"
			</script>
			<call function="'testGroup_Preamble'" />
			<script>

			@@ -218,7 +218,7 @@
			* Launcher.
			*/
			@Test(enabled=true)
			public void ECLReplicationServerTest()
			public void ECLReplicationServerTest() throws Exception
			{
			// No RSDomain created yet => RS only case => ECL is not a supported
			ECLIsNotASupportedSuffix();
			@@ -3982,7 +3982,7 @@
			* Test ECl entry attributes, and there configuration.
			*
			*/
			private void ECLIncludeAttributes()
			private void ECLIncludeAttributes() throws Exception
			{
			String tn = "ECLIncludeAttributes";
			debugInfo(tn, "Starting test\n\n");
			@@ -4176,28 +4176,32 @@
			s += "Entry:" + resultEntry.toLDIFString();

			String targetdn = getAttributeValue(resultEntry, "targetdn");

			if ((targetdn.endsWith("cn=robert hue,o=test3"))
			\|\|(targetdn.endsWith("cn=robert hue2,o=test3")))
			{
			Entry targetEntry = parseIncludedAttributes(resultEntry,
			targetdn);

			HashSet<String> eoc = new HashSet<String>();
			eoc.add("person");eoc.add("inetOrgPerson");eoc.add("organizationalPerson");eoc.add("top");
			checkValues(resultEntry,"targetobjectclass",eoc);
			assertEquals(targetEntry.getAttributes().size(), 0); // objectClass is handled separately
			checkValues(targetEntry,"objectclass",eoc);
			}
			if (targetdn.endsWith("cn=fiona jensen,o=test2"))
			{
			checkValue(resultEntry,"targetsn","jensen");
			checkValue(resultEntry,"targetcn","Fiona Jensen");
			Entry targetEntry = parseIncludedAttributes(resultEntry,
			targetdn);

			assertEquals(targetEntry.getAttributes().size(), 2);
			checkValue(targetEntry,"sn","jensen");
			checkValue(targetEntry,"cn","Fiona Jensen");
			}
			checkValue(resultEntry,"changeinitiatorsname", "cn=Internal Client,cn=Root DNs,cn=config");
			}
			}
			assertEquals(entries.size(),8, "Entries number returned by search" + s);
			}
			catch(Exception e)
			{
			fail("Ending "+tn+" test with exception:\n"
			+ stackTraceToSingleLineString(e));
			}
			finally
			{
			try
			@@ -4239,6 +4243,20 @@
			debugInfo(tn, "Ending test with success");
			}

			private Entry parseIncludedAttributes(
			SearchResultEntry resultEntry, String targetdn)
			throws Exception
			{
			// Parse includedAttributes as an entry.
			String includedAttributes = getAttributeValue(resultEntry, "includedattributes");
			String[] ldifAttributeLines = includedAttributes.split("\\n");
			String[] ldif = new String[ldifAttributeLines.length + 1];
			System.arraycopy(ldifAttributeLines, 0, ldif, 1, ldifAttributeLines.length);
			ldif[0] = "dn: " + targetdn;
			Entry targetEntry = TestCaseUtils.makeEntry(ldif);
			return targetEntry;
			}

			private void waitOpResult(AbstractOperation operation,
			ResultCode expectedResult)
			{