Hi Asela, I think we should discuss these type of changes. Can you please let us know (list down) all these kind of changes? Also do we need to change other users as well? I am having permission issue with wso2.system.user. Wonder here I have to append "*system/"
* *-*Lasith* * On Fri, Aug 2, 2013 at 11:51 AM, Asela Pathberiya <[email protected]> wrote: > +1 AFAIK, here idea was to not to create this anonymous, system user and > roles in user store... Because user store can be an external AD, LDAP or > custom JDBC user store, It is not good to create users in external user > store.... Therefore it is planed to keep them in separate table inside > user management database. Therefore to uniquely identify the these roles > and users from other users from stores, "system" prefix has been added. I > guess, it is fine... However, if we are running carbon with respect to an > old user management database, I guess you need to update the " > wso2.anonymous.role" role name in to "system/wso2.anonymous.role" in > UM_ROLE _PERMISSION table. Could you please verify this also... then we > can add this to migration docs. This what, i got in to my mind... , If > there any concerns or improvements regarding this, please let know... > > Thanks, > Asela > > > On Fri, Aug 2, 2013 at 10:56 AM, Lalaji Sureshika <[email protected]> wrote: > >> Hi, >> >> Due to $subject ,APIStore anonymous view is broken and no APIs shown.. >> To fix this,after talk to Asela, I did the change as r179591,but still >> APIStore is having the same problem. >> >> When debugging the code,found in the method >> of updatePermissionTreeFromDB() in PermissionTree class,its referring the >> role names with domains as below. >> >> String roleWithDomain = UserCoreUtil.addDomainToName(roleName, domain); >> roleWithDomain = roleWithDomain.toLowerCase(); >> if (allow == UserCoreConstants.ALLOW) { >> * tree.authorizeRoleInTree(roleWithDomain, >> rs.getString(2), rs.getString(4), false);* >> } else { >> * tree.denyRoleInTree(roleWithDomain, >> rs.getString(2), rs.getString(4), false);* >> } >> >> And the wso2 anonymous role ,has referred as "*system/wso2.anonymous.role >> *" from above code block, when setting authorization per anonymous role >> in permission tree. >> >> When we implicitly try to authorize existing anonymous role name['* >> wso2.anonymous.role*'] from our code block ,it failed.. >> >> As the solution if we changed the anonymous.role value defined in >> CarbonConstants class [the constant referring from our code blocks] as >> below diff,the above will fixed. >> >> - public static final String REGISTRY_ANONNYMOUS_ROLE_NAME = "* >> wso2.anonymous.role*"; >> + public static final String REGISTRY_ANONNYMOUS_ROLE_NAME = "* >> system/wso2.anonymous.role*"; >> >> Shall I proceed with this change? >> >> Thanks; >> >> >> >> -- >> Lalaji Sureshika >> WSO2, Inc.; http://wso2.com/ >> email: [email protected]; cell: +94 71 608 6811 >> blog: http://lalajisureshika.blogspot.com >> >> > > > -- > Thanks & Regards, > Asela > > Mobile : +94 777 625 933 > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
