[gatein-issues] [JBoss JIRA] (GTNPORTAL-3493) Membership just added, disappears
Peter Palaga (JIRA)
issues at jboss.org
Tue Jun 17 09:17:25 EDT 2014
[ https://issues.jboss.org/browse/GTNPORTAL-3493?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Peter Palaga updated GTNPORTAL-3493:
------------------------------------
Status: Resolved (was: Pull Request Sent)
Resolution: Done
> Membership just added, disappears
> ---------------------------------
>
> Key: GTNPORTAL-3493
> URL: https://issues.jboss.org/browse/GTNPORTAL-3493
> Project: GateIn Portal
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Reporter: Boubaker Khanfir
> Assignee: Marek Posolda
> Fix For: 3.8.3.Final, 3.9.0.Final
>
> Attachments: plidm-ldap-membership-disappear.zip
>
>
> I attach a new unit test for a bug that we met in GateIN 3.5 (PL IDM 1.4.4).
> This one shows how we can add a membership and just after that it disappears.
> In this file [idm-configuration.xml|https://github.com/gatein/gatein-portal/blob/3.5.x/web/portal/src/main/webapp/WEB-INF/conf/organization/idm-configuration.xml], the comment :
> {quote}
> <!-- if "associationMembershipType" option is used and this option is set to true
> then Membership with MembershipType configured to be stored as PicketLink IDM association
> will not be stored as PicketLink IDM Role in case that they are in groups from this parameter.
> For RW LDAP setup, it's recommended to map all groups mapped to LDAP (all those from parameter groupTypeMappings)
> However for DB only and/or Read-only LDAP, it's recommended to not map anything here -->
> {quote}
> is not good and have to be like this:
> {quote}
> <!-- if "associationMembershipType" option is used and this option is set to true
> then Membership with MembershipType configured to be stored as PicketLink IDM association
> will not be stored as PicketLink IDM Role in case that they are in groups from this parameter.
> For LDAP setup, it's recommended to map all groups mapped to LDAP (all those from parameter groupTypeMappings)
> However for DB only, it's recommended to not map anything here -->
> {quote}
> What changes in this comment ?
> The LDAP RW or ReadOnly have to get the same behavior using this parameter and we should map all LDAP groups in "ignoreMappedMembershipTypeGroupList".
> I think it's better to force/compute this parameter in OrganizationService instead of giving the ability to do it manually. The other solution is to modify OrganizationService Impl to deal with such a use case but I prefer the first choice.
--
This message was sent by Atlassian JIRA
(v6.2.6#6264)
More information about the gatein-issues
mailing list