[gatein-issues] [JBoss JIRA] (GTNPORTAL-3493) Membership just added, disappears

Peter Palaga (JIRA) issues at jboss.org
Tue Jun 17 09:17:25 EDT 2014 

     [ https://issues.jboss.org/browse/GTNPORTAL-3493?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Peter Palaga updated GTNPORTAL-3493:
------------------------------------

        Status: Resolved  (was: Pull Request Sent)
    Resolution: Done


> Membership just added, disappears
> ---------------------------------
>
>                 Key: GTNPORTAL-3493
>                 URL: https://issues.jboss.org/browse/GTNPORTAL-3493
>             Project: GateIn Portal
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>            Reporter: Boubaker Khanfir
>            Assignee: Marek Posolda
>             Fix For: 3.8.3.Final, 3.9.0.Final
>
>         Attachments: plidm-ldap-membership-disappear.zip
>
>
> I attach a new unit test for a bug that we met in GateIN 3.5 (PL IDM 1.4.4).
> This one shows how we can add a membership and just after that it disappears.
> In this file [idm-configuration.xml|https://github.com/gatein/gatein-portal/blob/3.5.x/web/portal/src/main/webapp/WEB-INF/conf/organization/idm-configuration.xml], the comment :
> {quote}
>           <!-- if "associationMembershipType" option is used and this option is set to true
>                 then Membership with MembershipType configured to be stored as PicketLink IDM association
>                 will not be stored as PicketLink IDM Role in case that they are in groups from this parameter.
>                 For RW LDAP setup, it's recommended to map all groups mapped to LDAP (all those from parameter groupTypeMappings)
>                 However for DB only and/or Read-only LDAP, it's recommended to not map anything here -->
> {quote}
> is not good and have to be like this:
> {quote}
>           <!-- if "associationMembershipType" option is used and this option is set to true
>                 then Membership with MembershipType configured to be stored as PicketLink IDM association
>                 will not be stored as PicketLink IDM Role in case that they are in groups from this parameter.
>                 For LDAP setup, it's recommended to map all groups mapped to LDAP (all those from parameter groupTypeMappings)
>                 However for DB only, it's recommended to not map anything here -->
> {quote}
> What changes in this comment ?
> The LDAP RW or ReadOnly have to get the same behavior using this parameter and we should map all LDAP groups in "ignoreMappedMembershipTypeGroupList".
> I think it's better to force/compute this parameter in OrganizationService instead of giving the ability to do it manually. The other solution is to modify OrganizationService Impl to deal with such a use case but I prefer the first choice.



--
This message was sent by Atlassian JIRA
(v6.2.6#6264)

More information about the gatein-issues mailing list