Hello there,
I found the problem concerning the roles. The Identity Server calls the
primary user store because the usernames in the list aren't prefixed with
the domain of the secondary store (which is my custom user store).
So I modified it and I enter into the method.
Now, I have this weird exception I never encountered before:
[2017-08-18 15:16:04,866] ERROR {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Error occurred while accessing Java Security Manager Privilege Block
[2017-08-18 15:16:04,867] ERROR {org.wso2.carbon.user.mgt.UserRealmProxy} - org.wso2.carbon.user.core.UserStoreException: Error occurred while accessing Java Security Manager Privilege Block
[2017-08-18 15:16:04,881] ERROR {org.wso2.carbon.user.mgt.ui.UserAdminClient} - Error occurred while accessing Java Security Manager Privilege Block
Regards,
Thomas
2017-08-18 14:35 GMT+02:00 Thomas LEGRAND <[email protected]>:
> Hello Isura!
>
> I did override the methods except the doGetInternalRoleListOfUser because
> the AbstractUserStoreManager already implements it.
>
> Here is my custom store manager in [1] and my "internal" class in [2]. In
> [3], you will have the user store properties managed by my user store.
>
> The goal of the test is to retrieve the roles of a user from the secondary
> user store implemented by this code by using the interface of the identity
> server. So you will have a "getRoleListOfUser()" which appears in the logs.
>
> [1] CustomUserStoreManager.java
> [2] CustomUserStoreManagerDSComponent.java
> [3] CustomUserStoreProperties.java
>
> 2017-08-18 12:10 GMT+02:00 Isura Karunaratne <[email protected]>:
>
>> Hi Thomas,
>>
>> Did you override the doCheckExistingUser method in your custom user store
>> manager? In order to view the roles list of the user, the following methods
>> should be overridden.
>>
>> - doCheckExistingUser
>> - doGetExternalRoleListOfUser
>> - doGetInternalRoleListOfUser
>>
>> If the issue still occurs after overriding the doCheckExistingUser
>> method, please attach your sample code so we can help you faster.
>>
>> Thanks
>> Isura.
>>
>> On Fri, Aug 18, 2017 at 3:09 PM, Thomas LEGRAND <[email protected]> wrote:
>>
>>> Hello again!
>>>
>>> During my tests, I "reinstalled" a new Identity Server v5.3.0 where I
>>> left the default configuration for the primary user store.
>>> I configured my custom secondary user store which retrieves data from a
>>> database. This custom user store is implemented by extending the
>>> AbstractUserStoreManager class and I generated an OSGi bundle which I
>>> dropped in the repository/components/dropins directory.
>>>
>>> So I can see my list of users coming from this user store when I display
>>> it from the identity server. But, when I want to display the roles of a
>>> user, I noticed that the primary user store is called (in my case, that was
>>> the default org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager
>>> configured in the user-mgt.xml configuration file) to check if the user
>>> existed and to retrieve its roles.
>>>
>>> Did I miss something in my implementation of the user store to have the
>>> effect of the primary user store taking the lead to retrieve the roles
>>> physically located on the secondary user store?
>>>
>>> Regards,
>>>
>>> Thomas
>>>
>>> 2017-08-17 11:22 GMT+02:00 Thomas LEGRAND <[email protected]>:
>>>
>>>> Hello,
>>>>
>>>> I really don't understand why my "external" roles don't appear in the
>>>> list and why no role methods are called in my connector because, when I
>>>> configure an LDAP one, I can see the roles retrieved from the LDAP are
>>>> listed with the internal ones.
>>>>
>>>> I set the log level to DEBUG to see that the LDAP user store is calling
>>>> the internal role retrieval method before checking if the user exists:
>>>>
>>>> [2017-08-17 11:18:00,647] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Retrieving internal roles for user name : a.bresson and search filter *
>>>> [2017-08-17 11:18:00,648] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Searching for user a.bresson
>>>>
>>>> But in my case, the user check method isn't even called!
>>>>
>>>> If I continue with the logs, I can see that:
>>>>
>>>> [2017-08-17 11:18:00,653] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Reading roles with the memberOfProperty Property: memberOf
>>>>
>>>> Following this source code [1], it seems that it executes the method to
>>>> retrieve the external roles. On my side, in my own connector, that does not
>>>> even go there because it doesn't even check if the user exists.
>>>>
>>>> What am I missing?
>>>>
>>>> Regards,
>>>>
>>>> Thomas
>>>>
>>>> [1] https://github.com/biliroy/carbon4-kernel/blob/master/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/ldap/ReadOnlyLDAPUserStoreManager.java#L1724
>>>>
>>>> 2017-08-16 9:56 GMT+02:00 Thomas LEGRAND <[email protected]>:
>>>>
>>>>> Hello everybody,
>>>>>
>>>>> I am writing a custom user store for the Identity Server and I
>>>>> successfully retrieved my list of users from my database. But when I try
>>>>> to display the roles of a user by clicking on the "View Roles" button [1],
>>>>> only the internal roles are displayed.
>>>>> I implemented the methods doGetExternalRoleListOfUser(),
>>>>> doGetDisplayNamesForInternalRole(), doGetSharedRoleListOfUser() to
>>>>> log something on the INFO level but nothing happens.
>>>>>
>>>>> Can someone tell me which method to implement?
>>>>>
>>>>> Regards,
>>>>>
>>>>> Thomas
>>>>>
>>>>> [1] [image: Inline images 1]
>>>>>
>>>>
>>>>
>>>
>>> _______________________________________________
>>> Dev mailing list
>>> [email protected]
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>>
>> *Isura Dilhara Karunaratne*
>> Associate Technical Lead | WSO2
>> Email: [email protected]
>> Mob : +94 772 254 810
>> Blog : http://isurad.blogspot.com/
>>
>>
>>
>>
>
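Added example, not part of the original thread and not WSO2 code: a simplified Java model of the routing problem found in the latest message, where a user name without a domain prefix is resolved by the primary store. The "CUSTOM" domain name, the sample roles and every class and method name below are assumptions made for illustration; only the "DOMAIN/user" convention and the user name a.bresson come from the discussion.

```java
import java.util.*;

// Simplified model (not WSO2 code) of domain-qualified user name routing.
public class DomainRoutingDemo {
    static final String DOMAIN_SEPARATOR = "/"; // "DOMAIN/user" convention
    static final String PRIMARY = "PRIMARY";    // store used when no prefix is given

    /** One user store: its domain name and constructed user -> roles data. */
    record Store(String domain, Map<String, List<String>> rolesByUser) {}

    private final Map<String, Store> stores = new LinkedHashMap<>();

    void register(Store s) {
        stores.put(s.domain().toUpperCase(Locale.ROOT), s);
    }

    /** Split "DOMAIN/user"; a name without a separator falls back to PRIMARY. */
    static String[] split(String name) {
        int i = name.indexOf(DOMAIN_SEPARATOR);
        if (i < 0) return new String[] { PRIMARY, name };
        return new String[] { name.substring(0, i).toUpperCase(Locale.ROOT),
                              name.substring(i + 1) };
    }

    /** What a secondary store should do to each name it lists (hypothetical helper). */
    static String qualify(String domain, String user) {
        return user.contains(DOMAIN_SEPARATOR) ? user : domain + DOMAIN_SEPARATOR + user;
    }

    /** Route the role lookup to the store named by the prefix. */
    List<String> rolesOf(String name) {
        String[] parts = split(name);
        Store s = stores.get(parts[0]);
        if (s == null) throw new IllegalArgumentException("unknown domain " + parts[0]);
        System.out.println("lookup of '" + name + "' handled by " + s.domain());
        return s.rolesByUser().getOrDefault(parts[1], List.of());
    }

    public static void main(String[] args) {
        DomainRoutingDemo realm = new DomainRoutingDemo();
        realm.register(new Store(PRIMARY, Map.of("admin", List.of("admin"))));
        realm.register(new Store("CUSTOM", Map.of("a.bresson", List.of("auditor"))));

        // Unprefixed name: the primary store answers and knows nothing about the user.
        System.out.println(realm.rolesOf("a.bresson"));
        // Prefixed name: the secondary store answers with its own roles.
        System.out.println(realm.rolesOf(qualify("CUSTOM", "a.bresson")));
    }
}
```

The first lookup is the failure mode to watch for in authorization paths: the request succeeds, but the answer comes from a store that does not own the account.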