Hi,

you should use method "userModel.grantRole(role)" to add new role mapping. Methods "getRoleMappings" and "getRealmRoleMappings" are used just for reading existing role mappings of user.

Marek

On 15.6.2015 16:49, Scott Rossillo wrote:

Hey all,

I was going to create a JIRA for this, but just want to make sure it’s an actual bug. We are not able to assign roles to a user from a federation provider.

For example, we expected something like this to work from UserFederationProvider. getUserByUsername(RealmModel realm, String username):

if (remoteUser.getRoles() != null) {

for (String roleName : remoteUser.getRoles()) {

RoleModel role = realm.getRole(roleName);

userModel.getRoleMappings().add(role); // doesn’t work

userModel.getRealmRoleMappings().add(role); // doesn’t work

}

}

However, nothing but the default role is assigned even when we confirm additional roles are assigned to remoteUser and realm.getRole() returns a valid RoleModel.

Create JIRA or should we be assigning roles from a UserFederationProvider in another way?

Thanks
_______________________________________________
keycloak-dev mailing list
keycloak-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev