[jboss-jira] [JBoss JIRA] Resolved: (JBPORTAL-1778) SynchronizingLoginModule synchronizeRoles still syncs existing roles when set to false

Boleslaw Dawidowicz (JIRA) jira-events at lists.jboss.org
Thu Nov 22 04:19:19 EST 2007 

     [ http://jira.jboss.com/jira/browse/JBPORTAL-1778?page=all ]

Boleslaw Dawidowicz resolved JBPORTAL-1778.
-------------------------------------------

    Resolution: Done

Its was not a bug but a feature ;-)

I changed the behaviour to leave changes when 'synchronizeRoles' is set to false. I also added 'preserveRoles' option to enable role synchronization  to leave changes made on portal side. This  will go in 2.6.3 and is in svn. Identity jars will be updated in the repo later today

> SynchronizingLoginModule synchronizeRoles still syncs existing roles when set to false
> --------------------------------------------------------------------------------------
>
>                 Key: JBPORTAL-1778
>                 URL: http://jira.jboss.com/jira/browse/JBPORTAL-1778
>             Project: JBoss Portal
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: Portal Security
>    Affects Versions: 2.6.2 Final
>         Environment: Pentium 3 - 2GB memroy - 20 GB of Free Space
> Windows XP Professional Service Pack 2
> JBoss Portal 2.6.2 + JBoss AS 4.2.1 Bundle
>            Reporter: Guy M. Spillman, Jr.
>         Assigned To: Boleslaw Dawidowicz
>             Fix For: 2.6.3 Final
>
>
> Problem was discovered using JaasLounge(http://jaaslounge.sourceforge.net/ ) NTLMLoginModule, but can be duplicated using JBoss' UsersRolesLoginModule.
> Configuration:
> ${jboss.server.home.dir}\deploy\jboss-portal.sar\conf\login-config.xml:
> Code:
> <login-module code="org.jboss.portal.identity.auth.IdentityLoginModule" flag="sufficient">
>   <module-option name="unauthenticatedIdentity">guest</module-option>
>   <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
>   <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
>   <module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option>
>   <module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option>
>   <module-option name="additionalRole">Authenticated</module-option>
>   <module-option name="password-stacking">useFirstPass</module-option>
> </login-module>
> <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required" />
> <login-module code="org.jboss.portal.identity.auth.SynchronizingLoginModule" flag="optional">
>   <module-option name="synchronizeIdentity">true</module-option>
>   <module-option name="synchronizeRoles">false</module-option>
>   <module-option name="additionalRole">Authenticated</module-option>
>   <module-option name="defaultAssignedRole">User</module-option>
>   <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
>   <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
>   <module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option>
>   <module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option>
> </login-module>		
> ${jboss.server.home.dir}\conf\defaultRoles.properties:
> Code:
> testuser=test
> testuser2=test2
> ${jboss.server.home.dir}\conf\defaultUsers.properties:
> Code:
> testuser=testrole1,testrole2
> testuser2=testrole3,testrole4
> 	
> Procedure:
> 1. Apply above configuration, run JBoss, and navigate to portal using browser.
> 2. Login using testuser/test.
> 3. Logout
> 4. Login using admin/admin
> 5. Click on the "Admin" link
> 6. Click on the "Members" tab
> 7. Click on "User Management" sub tab
> 8. Click on "Search Users" link
> 9. Find the "testuser" that should have been auto created in step #2
> 10. Click on "Role Management" sub tab
> 11. Click on "Create New Role" link
> 12. Enter "portalrole" for both "Role" and "Display Name" edit boxes (Role must not exist in defaultRoles.properties)
> 13. Click "Submit" button
> 14. Click on "User Management" sub tab
> 15. Click on "Search Users" link
> 16. Click on the "Roles" link to the right of "testuser"
> 17. Click the "portalrole" checkbox.
> 18. Click the "Submit" button.
> 19. Logout
> 20. Login using testuser/test
> 21. Navigate around the portal at your leisure (Sometimes this step can be skipped)
> 22. Logout
> 23. Login using admin/admin
> 24. Click on the "Admin" link
> 25. Click on the "Members" tab
> 26. Click on "User Management" sub tab
> 27. Click on "Search Users" link
> 28. Click on the "Roles" link to the right of "testuser"
> The "portalrole" is no longer checked.  Expected it to remain checked.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list