[seam-issues] [JBoss JIRA] Commented: (SEAMSECURITY-84) identity.hasRole and identity.addRole do not seem to be interacting with JpaStore

[Bill Elliot (JIRA)]

    [ https://issues.jboss.org/browse/SEAMSECURITY-84?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12621447#comment-12621447 ] 

Bill Elliot commented on SEAMSECURITY-84:
-----------------------------------------

Shane, that doesn't sound right. everything in the documentation (reference and API) seem to indicate that it is directly tied into the PicketLink security. Having identity.addRole only to be valid for the current session seems to be of limited use. Also, what about hasRole and getRoles? They also do not seem to return all of the user's authorizations. Yet, the documentation seems to indicate they are coming from PicketLink.

> identity.hasRole and identity.addRole do not seem to be interacting with JpaStore
> ---------------------------------------------------------------------------------
>
>                 Key: SEAMSECURITY-84
>                 URL: https://issues.jboss.org/browse/SEAMSECURITY-84
>             Project: Seam Security
>          Issue Type: Bug
>    Affects Versions: 3.0.0.Final
>         Environment: Windows 7, MySQL 5.1, AS6
>            Reporter: Bill Elliot
>            Assignee: John Ament
>
> I am trying to use Roles with Seam Security. I have added the following to my MySQL DB. 
> insert into IdentityRoleName(id, name) values (1, 'admin');
> insert into IdentityRoleName(id, name) values (2, 'manager');
> insert into IdentityObjectType(id, name) values (1, 'USER');
> insert into IdentityObjectType(id, name) values (2, 'GROUP');
> insert into IdentityObject (id, name, identity_object_type_id) values (1, 'shane', 1);
> insert into IdentityObject (id, name, identity_object_type_id) values (2, 'demo', 1);
> insert into IdentityObject (id, name, identity_object_type_id) values (3, 'ROOT', 2);
> insert into IdentityObject (id, name, identity_object_type_id) values (4, 'USERS', 2);
> insert into IdentityObjectCredentialType (id, name) values (1, 'PASSWORD');
> insert into IdentityObjectCredential (id, identity_object_id, credential_type_id, value) values (1, 1, 1, 'password');
> insert into IdentityObjectCredential (id, identity_object_id, credential_type_id, value) values (2, 2, 1, 'demo');
> insert into IdentityObjectRelationshipType (id, name) values (1, 'JBOSS_IDENTITY_MEMBERSHIP');
> insert into IdentityObjectRelationshipType (id, name) values (2, 'JBOSS_IDENTITY_ROLE');
> insert into IdentityObjectRelationship (id, name, relationship_type_id, from_identity_id, to_identity_id) values (1, 'admin', 2, 3, 2);
> insert into IdentityObjectRelationship (id, name, relationship_type_id, from_identity_id, to_identity_id) values (2, 'admin', 2, 4, 2);
> And my seam-beans.xml has the following:
> <?xml version="1.0" encoding="UTF-8"?>
> <beans xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> 	xmlns:s="urn:java:ee" xmlns:drools="urn:java:org.jboss.seam.drools:org.jboss.seam.drools.config"
> 	xmlns:auth="urn:java:org.jboss.seam.security" xmlns:security="urn:java:org.jboss.seam.security.permission"
> 	xmlns:plidm="urn:java:org.jboss.seam.security.management.picketlink"
> 	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://jboss.org/schema/cdi/beans_1_0.xsd">
> 	<auth:Identity>
> 		<s:modifies />
> 		<auth:authenticatorName>NGOAuthenticator</auth:authenticatorName>
> 	</auth:Identity>
> 	<security:JpaPermissionStore>
> 		<s:replaces />
> 		<security:identityPermissionClass>com.ngo.domain.IdentityPermission</security:identityPermissionClass>
> 	</security:JpaPermissionStore>
> 	<plidm:JpaIdentityStoreConfiguration>
> 		<s:replaces />
> 		<plidm:identityClass>com.ngo.domain.IdentityObject</plidm:identityClass>
> 		<plidm:credentialClass>com.ngo.domain.IdentityObjectCredential</plidm:credentialClass>
> 		<plidm:relationshipClass>com.ngo.domain.IdentityObjectRelationship</plidm:relationshipClass>
> 		<plidm:roleTypeClass>com.ngo.domain.IdentityRoleName</plidm:roleTypeClass>
> 		<plidm:attributeClass>com.ngo.domain.IdentityObjectAttribute</plidm:attributeClass>
> 	</plidm:JpaIdentityStoreConfiguration>
> </beans>
> When I try to execute the following "identity.getRoles()" I get no roles and therefore when I execute identity.hasRole( "admin", "ROOT", "GROUP" ) it returns false.
> What am I missing?
> I have also tried removing the relationship entries and executing identity.addRole( "admin", "ROOT", "GROUP" ) just before the hasRole and it says I now have the Role. But, the values are not added to the DB.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira