Hi, I have created a PR[1] to fix this issue. Can someone from kernel team review and merge this PR?
[1] https://github.com/wso2/carbon-kernel/pull/1163 Thanks. Regards, Megala On Wed, Oct 19, 2016 at 5:25 PM, Kamidu Punchihewa <[email protected]> wrote: > Hi Megala, > > If you have found out the issue and solution. Please do the necessary > change and do a round of testing. If everything works as expected please > send a pull request to the carbon kernel. > @Kernal Team How we can get the this released for the EMM 2.2.0 release ? > > Thanks and Best Regards, > > Kamidu Sachith Punchihewa > *Software Engineer* > WSO2, Inc. > lean . enterprise . middleware > Mobile : +94 (0) 770566749 <%2B94%20%280%29%20773%20451194> > > > Disclaimer: This communication may contain privileged or other > confidential information and is intended exclusively for the addressee/s. > If you are not the intended recipient/s, or believe that you may have > received this communication in error, please reply to the sender indicating > that fact and delete the copy you received and in addition, you should not > print, copy, retransmit, disseminate, or otherwise use the information > contained in this communication. Internet communications cannot be > guaranteed to be timely, secure, error or virus-free. The sender does not > accept liability for any errors or omissions. > > On Wed, Oct 19, 2016 at 11:07 AM, Megala Uthayakumar <[email protected]> > wrote: > >> Hi All, >> >> I am working on a jira [1] which is related with an exception that is >> thrown when trying to add a user/role in tenant mode using EMM console. >> This is particularly happens when we call the admin service to get the >> secondary user store configurations related to particular tenant [2]. >> Following is the root cause behind this exception, >> >> *Caused by: java.lang.SecurityException: Illegal access attempt to cache >> ] owned by tenant* >> *{[test.com <http://test.com>],[1]} by tenant {[test.com >> <http://test.com>],[-1234]}* >> >> When trying to access the cache, the caller's tenant id has changed to >> super-tenant id, although tenant domain is correct. I tried to start the >> tenant flow before calling the admin service, but still I got the same >> error. While debugging I found, [3] is the point where the tenant domain is >> set to correct domain, while the tenant id still set to super-tenant id. >> Locally I changed that particular line as per below, >> >> PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain( >> userTenantDomain,*true*); >> >> After that I could get the secondary user-store configurations related to >> that particular tenant. Is this a bug from carbon-level or is there any >> work-around to avoid this? Any comments or suggestions on this regard is >> highly appreciated. >> >> [1] https://wso2.org/jira/browse/EMM-1762 >> [2] https://github.com/wso2/carbon-device-mgt/blob/master/co >> mponents/device-mgt/org.wso2.carbon.device.mgt.ui/src/main/ >> resources/jaggeryapps/devicemgt/app/modules/business- >> controllers/user.js#L607 >> [3] https://github.com/wso2/carbon-kernel/blob/v4.4.9/core/ >> org.wso2.carbon.server.admin/src/main/java/org/wso2/carbon/ >> server/admin/module/handler/AuthenticationHandler.java#L93 >> >> Thanks. >> >> Regards, >> Megala >> -- >> Megala Uthayakumar >> >> Software Engineer >> Mobile : 0779967122 >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > -- Megala Uthayakumar Software Engineer Mobile : 0779967122
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
