From d2bf0a304c9da2a4cb3d58673eb38c3c2619bab7 Mon Sep 17 00:00:00 2001
From: Manuel Gaupp <m.gaupp@scanplus.de>
Date: Fri, 17 May 2013 12:15:30 +0000
Subject: [PATCH] CR-1677 Fix issue OPENDJ-899: ModDN with the same value ignored by ACIs

---
 opends/src/server/org/opends/server/authorization/dseecompat/AciHandler.java |    7 ++++---
 1 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/opends/src/server/org/opends/server/authorization/dseecompat/AciHandler.java b/opends/src/server/org/opends/server/authorization/dseecompat/AciHandler.java
index d0f6401..a317077 100644
--- a/opends/src/server/org/opends/server/authorization/dseecompat/AciHandler.java
+++ b/opends/src/server/org/opends/server/authorization/dseecompat/AciHandler.java
@@ -24,6 +24,7 @@
  *
  *      Copyright 2008-2010 Sun Microsystems, Inc.
  *      Portions Copyright 2011-2012 ForgeRock AS
+ *      Portions Copyright 2013 Manuel Gaupp
  */
 package org.opends.server.authorization.dseecompat;
 
@@ -479,9 +480,8 @@
           ret = false;
         }
       }
-      boolean rdnEquals = oldRDN.equals(newRDN);
-      // Perform the RDN access checks only if the RDNs are not equal.
-      if (ret && !rdnEquals)
+      // Perform the RDN access checks.
+      if (ret)
       {
         ret = aciCheckRDNs(operation, oldRDN, newRDN);
       }
@@ -495,6 +495,7 @@
                 operation.getOriginalEntry());
         // The RDNs are not equal, skip the proxy check since it was
         // already performed in the aciCheckRDNs call above.
+        boolean rdnEquals = oldRDN.equals(newRDN);
         if (!rdnEquals)
         {
           operationContainer.setSeenEntry(true);

--
Gitblit v1.10.0