I guess this behavior is specific to attaching the admin role to the admin user on startup, right? If we create a user manually and assign him the admin role and then configure his username in the user-mgt.xml file, it should be fine, right?

On Tue, Mar 20, 2018 at 7:23 AM, Ruwan Yatawara <[email protected]> wrote:

> Hi all,
>
> With the bump to kernel 4.4.26, noticed the following behaviour.
>
> - When a non-existent admin user is declared in user-mgt.xml, at server boot up even though the user is created, said user is not assigned the default "admin" role, as expected, instead when browsed via the carbon console, user is seen to have internal/everyone role, only.
> - When the admin role name is also changed along with the new admin user, the new admin role is attached to the user account as expected.
> - Amidst all this however, when enabled user.core debug logs, admin role is attached to the role as per log :
>   - DEBUG - JDBCAuthorizationManager abcd1 user is in role : admin
>
> It appears there may be an issue with getting the role list of a user / user list of role for freshly created users, automatically created when changing the user-mgt.xml.
>
> I believe this may have an impact on scope validation in api manager when default admin user name is changed, as the ScopesIssuer class will refer the role list attached to a particular user (in this case, when an admin user requests for tokens), before granting a particular scope.
>
> I am investigating further into this.
>
> Thanks and Regards,
>
> Ruwan Yatawara
>
> Technical Lead,
> WSO2 Inc.
>
> email : [email protected]
> mobile : +94 77 9110413
> http://ruwansrants.blogspot.com/
> https://500px.com/ruwan_ace
> https://medium.com/@ruwanyatawara

--
Nuwan Dias
Software Architect - WSO2, Inc. http://wso2.com
email : [email protected]
Phone : +94 777 775 729
