[
http://jira.magnolia-cms.com/browse/MAGNOLIA-4478?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Milan Divilek updated MAGNOLIA-4478:
------------------------------------
Assignee: Milan Divilek (was: Philipp Bärfuss)
Fix Version/s: 4.5.5
> Improve "More than one user found with name [{}] in realm [{}]" error messages
> ------------------------------------------------------------------------------
>
> Key: MAGNOLIA-4478
> URL: http://jira.magnolia-cms.com/browse/MAGNOLIA-4478
> Project: Magnolia
> Issue Type: Improvement
> Security Level: Public
> Components: security
> Affects Versions: 4.5.3
> Reporter: Edgar Vonk
> Assignee: Milan Divilek
> Fix For: 4.5.5
>
> Attachments: Screen Shot 2012-07-18 at 10.36.20 AM.png
>
>
> Since the upgrade to Magnolia 4.5 (which is not quite finished but almost, we
> hope) we see in the logs:
> {code}
> MgnlUserManager.java(findPrincipalNode:291) 17.07.2012 14:27:31 More than
> one user found with name [{}] in realm [{}]
> {code}
> Our security configuration in Magnolia looks fine so I do wonder if there
> actually is anything wrong. Looking at the code in question I wonder if this
> code is actually ok as it is?
> {code}
> /**
> * Helper method to find a user in a certain realm. Uses JCR Query.
> */
> @Override
> protected Node findPrincipalNode(String name, Session session) throws
> RepositoryException {
> String realmName = getRealmName();
> final String where;
> // the all realm searches the repository
> if (Realm.REALM_ALL.getName().equals(realmName)) {
> where = "where name() = '" + name + "'";
> } else {
> // FIXME: DOUBLE CHECK THE QUERY FOR REALMS ... ISDESCENDANTNODE
> and NAME ....
> where = "where name() = '" + name + "' and isdescendantnode(['/"
> + realmName + "'])";
> // where = "where [jcr:path] = '/" + realm + "/" +
> name + "'"
> // + " or [jcr:path] like '/" + realm + "/%/" + name +
> "'";
> }
> final String statement = "select * from [" + MgnlNodeType.USER + "] "
> + where;
> Query query =
> session.getWorkspace().getQueryManager().createQuery(statement,
> Query.JCR_SQL2);
> NodeIterator iter = query.execute().getNodes();
> Node user = null;
> while (iter.hasNext()) {
> Node node = iter.nextNode();
> if (node.isNodeType(ItemType.USER.getSystemName())) {
> user = node;
> break;
> }
> }
> if (iter.hasNext()) {
> log.error("More than one user found with name [{}] in realm
> [{}]");
> }
> return user;
> }
> {code}
> In any case could you guys have a look at this code and at the very least
> make the log line output the name and realm in question (this is forgotten in
> the code):
> {code}
> log.error("More than one user found with name [{" + name + "}] in realm [{"
> + realmName + "}]");
> {code}
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.magnolia-cms.com/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
----------------------------------------------------------------
For list details, see: http://www.magnolia-cms.com/community/mailing-lists.html
Alternatively, use our forums: http://forum.magnolia-cms.com/
To unsubscribe, E-mail to: <[email protected]>
----------------------------------------------------------------
