Hi Thomas, It is wrong to set tenantId as follows for carbon.super tenant. Super tenant's tenantID is -1234. Can you attach full exception stacktrace.
carbonContext.setTenantId(64302); Thanks Isura. On Fri, Aug 18, 2017 at 6:50 PM, Thomas LEGRAND < [email protected]> wrote: > Hello there, > > I found the problem concerning the roles. The Identity Server calls the > primary user store because the usernames in the list aren't prefixed with > the domain of the secondary store (which is my custom user store). > So I modified it and I enter into the method. > > Now, I have this weird exception I never encountered before: > > [2017-08-18 15:16:04,866] ERROR > {org.wso2.carbon.user.core.common.AbstractUserStoreManager} > - Error occurred while accessing Java Security Manager Privilege Block > [2017-08-18 15:16:04,867] ERROR {org.wso2.carbon.user.mgt.UserRealmProxy} > - org.wso2.carbon.user.core.UserStoreException: Error occurred while > accessing Java Security Manager Privilege Block > [2017-08-18 15:16:04,881] ERROR {org.wso2.carbon.user.mgt.ui.UserAdminClient} > - Error occurred while accessing Java Security Manager Privilege Block > > Regards, > > Thomas > > 2017-08-18 14:35 GMT+02:00 Thomas LEGRAND <[email protected]>: > >> Hello Isura! >> >> I did override the methods except the doGetInternalRoleListOfUser because >> the AbstractUserStoreManager already implements it. >> >> Here is my custom store manager in [1] and my "internal" class in [2]. In >> [3], you will have the user store properties managed by my user store. >> >> The goal of the test is to retrieve the roles of a user from the >> secondary user store implemented by this code by using the interface of the >> identity server. So you will have a "getRoleListOfUser()" which appears in >> the logs. >> >> [1] CustomUserStoreManager.java >> [2] CustomUserStoreManagerDSComponent.java >> [3] CustomUserStoreProperties.java >> >> 2017-08-18 12:10 GMT+02:00 Isura Karunaratne <[email protected]>: >> >>> Hi Thomas, >>> >>> Did you override doCheckExistingUser method in your custom user store >>> manager? In order to view the roles list of the user, following methods >>> should be overridden. >>> >>> >>> - >>> >>> doCheckExistingUser >>> >>> - >>> >>> doGetExternalRoleListOfUser >>> >>> - >>> >>> doGetInternalRoleListOfUser >>> >>> >>> >>> If the issue still occurs after overriding the doCheckExistingUser >>> method, please attach your sample code. So we can help you faster. >>> >>> Thanks >>> Isura. >>> >>> On Fri, Aug 18, 2017 at 3:09 PM, Thomas LEGRAND < >>> [email protected]> wrote: >>> >>>> Hello again! >>>> >>>> During my tests, I "reinstalled" a new Identity Server v5.3.0 where I >>>> let the default configuration for the primary user store. >>>> I configured my custom secondary user store which retrieves data from a >>>> database. This custom user store is implemented by extending te >>>> AbstractUserStoreManager class and I generated a OSGi bundle which I >>>> dropped in the repository/components/dropins directory. >>>> >>>> So I can see my list of users coming from this user store when I >>>> display it from the identity server. But, when I want to display the roles >>>> of a suer, I noticed that the primary user store is called (in my case, >>>> that was the default >>>> org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager >>>> configured in the user-mgt.xml configuration file) to check if the user >>>> existed and to retrieve its roles. >>>> >>>> Did I miss something in my implementation of the user store to have the >>>> effect of the primary user store taking the lead to retrieve the roles >>>> physically located on the secondary user store? >>>> >>>> Regards, >>>> >>>> Thomas >>>> >>>> 2017-08-17 11:22 GMT+02:00 Thomas LEGRAND <[email protected] >>>> >: >>>> >>>>> Hello, >>>>> >>>>> I really don't understand why my "external" roles don't appear in the >>>>> list and why no role methods are called in my connector because, when I >>>>> configure a LDAP one, I can see the roles retrieved from the LDAP are >>>>> listed with the internal ones. >>>>> >>>>> I set the log level to DEBUG to see that the LDAP user store is >>>>> calling the internal role retrieval method before checking if the user >>>>> exists: >>>>> >>>>> [2017-08-17 11:18:00,647] DEBUG >>>>> {org.wso2.carbon.user.core.common.AbstractUserStoreManager} >>>>> - Retrieving internal roles for user name : a.bresson and search filter >>>>> * >>>>> [2017-08-17 11:18:00,648] DEBUG {org.wso2.carbon.user.core.lda >>>>> p.ReadOnlyLDAPUserStoreManager} - Searching for user a.bresson >>>>> >>>>> But in my case, the user check method isn't even called! >>>>> >>>>> If I continue with the logs, I can see that: >>>>> >>>>> [2017-08-17 11:18:00,653] DEBUG {org.wso2.carbon.user.core.lda >>>>> p.ReadOnlyLDAPUserStoreManager} - Reading roles with the >>>>> memberOfProperty Property: memberOf >>>>> >>>>> Following this source code [1], it seems that it executes the method >>>>> to retrieve the external roles. On my side, in my own connector, that does >>>>> not even go there because it doesn't even check if the user exists. >>>>> >>>>> What am I missing? >>>>> >>>>> Regards, >>>>> >>>>> Thomas >>>>> >>>>> [1] https://github.com/biliroy/carbon4-kernel/blob/master/co >>>>> re/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/u >>>>> ser/core/ldap/ReadOnlyLDAPUserStoreManager.java#L1724 >>>>> >>>>> 2017-08-16 9:56 GMT+02:00 Thomas LEGRAND <[email protected] >>>>> >: >>>>> >>>>>> Hello everybody, >>>>>> >>>>>> I am writing a custom user store for the Identity Server and I >>>>>> successfully retrieved my list of users from my database. But when I try >>>>>> to >>>>>> display the roles of a user by clicking on the "View Roles" button [1], >>>>>> only the internal roles are displayed. >>>>>> I implemented the methods doGetExternalRoleListOfUser(), >>>>>> doGetDisplayNamesForInternalRole(), doGetSharedRoleListOfUser() to >>>>>> log something on the INFO level but nothing happens. >>>>>> >>>>>> Can someone tell me which method to implement? >>>>>> >>>>>> Regards, >>>>>> >>>>>> Thomas >>>>>> >>>>>> [1] [image: Images intégrées 1] >>>>>> >>>>> >>>>> >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> >>> *Isura Dilhara Karunaratne* >>> Associate Technical Lead | WSO2 >>> Email: [email protected] >>> Mob : +94 772 254 810 <+94%2077%20225%204810> >>> Blog : http://isurad.blogspot.com/ >>> >>> >>> >>> >> > -- *Isura Dilhara Karunaratne* Associate Technical Lead | WSO2 Email: [email protected] Mob : +94 772 254 810 Blog : http://isurad.blogspot.com/
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
