[keycloak-dev] Unable to assign roles from a federation provider
Marek Posolda
mposolda at redhat.com
Wed Jun 17 06:20:05 EDT 2015
Hi,
you should use method "userModel.grantRole(role)" to add new role
mapping. Methods "getRoleMappings" and "getRealmRoleMappings" are used
just for reading existing role mappings of user.
Marek
On 15.6.2015 16:49, Scott Rossillo wrote:
> Hey all,
>
> I was going to create a JIRA for this, but just want to make sure it’s
> an actual bug. We are not able to assign roles to a user from a
> federation provider.
>
> For example, we expected something like this to work
> from UserFederationProvider. getUserByUsername(RealmModel realm,
> String username):
>
> if (remoteUser.getRoles() != null) {
> for (String roleName : remoteUser.getRoles()) {
> RoleModel role = realm.getRole(roleName);
> userModel.getRoleMappings().add(role); // doesn’t work
> userModel.getRealmRoleMappings().add(role); // doesn’t work
> }
> }
>
> However, nothing but the default role is assigned even when we confirm
> additional roles are assigned to remoteUser and realm.getRole()
> returns a valid RoleModel.
>
> Create JIRA or should we be assigning roles from a
> UserFederationProvider in another way?
>
> Thanks
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150617/da0995c3/attachment-0001.html
More information about the keycloak-dev
mailing list