- changed status to resolved
Fix oidcDefaultMaxAge and authzIssueRefreshToken matching rules
Reported by customer:
I've loaded the following schema files into our OpenDJ and 389DS directories: 90-srp.ldif, 91-oidc-client.ldif and 92-oidc-authz.ldif
I can create objects with these object classes and verified that they are replicated without issue. On the 389DS instances, I get the following errors:
attr_syntax_create - Error: the SUBSTR matching rule [caseExactSubstringsMatch] is not compatible with the syntax [1.3.6.1.4.1.1466.115.121.1.27] for the attribute [oidcDefaultMaxAge]
attr_syntax_create - Error: the SUBSTR matching rule [caseExactSubstringsMatch] is not compatible with the syntax [1.3.6.1.4.1.1466.115.121.1.7] for the attribute [authzIssueRefreshToken]
I think this may be a slight bug in your schema definition, using a substring match on attributes that have integer and boolean datatypes, respectively. You can probably safely remove them. OpenDJ does not complain about this at all.
Comments (1)
-
reporter - Log in to comment
Done in commit 2b39572.