Re: [Dev] Display the roles of a custom user store for Identity Server

2017-08-21 Thread Thomas LEGRAND 
Hello Isura,

As I said, I modified my custom user store to prefix the names of the users
with the domain name. So I modified, the method doListUsers to have the
following:

@Override
> public String[] doListUsers(String filter, int maxItemLimit) throws
> UserStoreException {
> LOGGER.info("doListUsers()");
> return new String[]{"CUSTOM/Lala", "CUSTOM/Toto", "CUSTOM/Titi",
> "CUSTOM/Jeje"};
> }


Of course, "CUSTOM" is the defined domain name I used to configure my user
store on the IS.

So I can see list my names [1] but when I want to retrieve the roles via
the "View roles" button in the list, I have the following stack trace and
so, the popup in [2] which appears:

[2017-08-21 08:57:16,158]  INFO
> {fr.icl.picsel20.user.store.CustomUserStoreManager} -  getRoleListOfUser()
> [2017-08-21 08:57:16,158] DEBUG
> {org.wso2.carbon.user.core.common.AbstractUserStoreManager} -  Retrieving
> internal roles for user name :  Jeje and search filter *
> [2017-08-21 08:57:16,158] ERROR
> {org.wso2.carbon.user.core.common.AbstractUserStoreManager} -  Error
> occurred while accessing Java Security Manager Privilege Block
> [2017-08-21 08:57:16,158] ERROR {org.wso2.carbon.user.mgt.UserRealmProxy}
> -  org.wso2.carbon.user.core.UserStoreException: Error occurred while
> accessing Java Security Manager Privilege Block
> [2017-08-21 08:57:16,174] ERROR
> {org.wso2.carbon.user.mgt.ui.UserAdminClient} -  Error occurred while
> accessing Java Security Manager Privilege Block
> org.wso2.carbon.user.mgt.stub.UserAdminUserAdminException:
> UserAdminUserAdminException
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
> Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> at java.lang.Class.newInstance(Class.java:442)
> at
> org.wso2.carbon.user.mgt.stub.UserAdminStub.getRolesOfUser(UserAdminStub.java:3054)
> at
> org.wso2.carbon.user.mgt.ui.UserAdminClient.getRolesOfUser(UserAdminClient.java:154)
> at
> org.apache.jsp.user.view_002droles_jsp._jspService(view_002droles_jsp.java:263)
> at
> org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
> at
> org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:439)
> at
> org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395)
> at
> org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
> at org.wso2.carbon.ui.JspServlet.service(JspServlet.java:155)
> at
> org.wso2.carbon.ui.TilesJspServlet.service(TilesJspServlet.java:80)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
> at
> org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37)
> at
> org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
> at
> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
> at
> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
> at
> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at
> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:747)
> at
> org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:603)
> at
> org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:542)
> at
> org.eclipse.equinox.http.servlet.internal.RequestDispatcherAdaptor.include(RequestDispatcherAdaptor.java:37)
> at
> org.eclipse.equinox.http.helper.ContextPathServletAdaptor$RequestDispatcherAdaptor.include(ContextPathServletAdaptor.java:369)
> at
> org.apache.jasper.runtime.JspRuntimeLibrary.include(JspRuntimeLibrary.java:897)
> at
> org.apache.jasper.runtime.PageContextImpl.doInclude(PageContextImpl.java:688)
> at
> org.apache.jasper.runtime.PageContextImpl.include(PageContextImpl.java:682)
> at sun.reflect.GeneratedMethodAccessor90.invoke(Unknown Source)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at

Re: [Dev] Display the roles of a custom user store for Identity Server

2017-08-20 Thread Isura Karunaratne 
Hi Thomas,

It is wrong to set tenantId as follows for carbon.super tenant. Super
tenant's tenantID is -1234. Can you attach full exception stacktrace.

carbonContext.setTenantId(64302);


Thanks
Isura.

On Fri, Aug 18, 2017 at 6:50 PM, Thomas LEGRAND <
thomas.legr...@versusmind.eu> wrote:

> Hello there,
>
> I found the problem concerning the roles. The Identity Server calls the
> primary user store because the usernames in the list aren't prefixed with
> the domain of the secondary store (which is my custom user store).
> So I modified it and I enter into the method.
>
> Now, I have this weird exception I never encountered before:
>
> [2017-08-18 15:16:04,866] ERROR 
> {org.wso2.carbon.user.core.common.AbstractUserStoreManager}
> -  Error occurred while accessing Java Security Manager Privilege Block
> [2017-08-18 15:16:04,867] ERROR {org.wso2.carbon.user.mgt.UserRealmProxy}
> -  org.wso2.carbon.user.core.UserStoreException: Error occurred while
> accessing Java Security Manager Privilege Block
> [2017-08-18 15:16:04,881] ERROR {org.wso2.carbon.user.mgt.ui.UserAdminClient}
> -  Error occurred while accessing Java Security Manager Privilege Block
>
> Regards,
>
> Thomas
>
> 2017-08-18 14:35 GMT+02:00 Thomas LEGRAND :
>
>> Hello Isura!
>>
>> I did override the methods except the doGetInternalRoleListOfUser because
>> the AbstractUserStoreManager already implements it.
>>
>> Here is my custom store manager in [1] and my "internal" class in [2]. In
>> [3], you will have the user store properties managed by my user store.
>>
>> The goal of the test is to retrieve the roles of a user from the
>> secondary user store implemented by this code by using the interface of the
>> identity server. So you will have a "getRoleListOfUser()" which appears in
>> the logs.
>>
>> [1] CustomUserStoreManager.java
>> [2] CustomUserStoreManagerDSComponent.java
>> [3] CustomUserStoreProperties.java
>>
>> 2017-08-18 12:10 GMT+02:00 Isura Karunaratne :
>>
>>> Hi Thomas,
>>>
>>> Did you override doCheckExistingUser method in your custom user store
>>> manager? In order to view the roles list of the user, following methods
>>> should be overridden.
>>>
>>>
>>>-
>>>
>>>doCheckExistingUser
>>>
>>>-
>>>
>>>doGetExternalRoleListOfUser
>>>
>>>-
>>>
>>>doGetInternalRoleListOfUser
>>>
>>>
>>>
>>> If the issue still occurs after overriding the doCheckExistingUser
>>> method, please attach your sample code. So we can help you faster.
>>>
>>> Thanks
>>> Isura.
>>>
>>> On Fri, Aug 18, 2017 at 3:09 PM, Thomas LEGRAND <
>>> thomas.legr...@versusmind.eu> wrote:
>>>
 Hello again!

 During my tests, I "reinstalled" a new Identity Server v5.3.0 where I
 let the default configuration for the primary user store.
 I configured my custom secondary user store which retrieves data from a
 database. This custom user store is implemented by extending te
 AbstractUserStoreManager class and I generated a OSGi bundle which I
 dropped in the repository/components/dropins directory.

 So I can see my list of users coming from this user store when I
 display it from the identity server. But, when I want to display the roles
 of a suer, I noticed that the primary user store is called (in my case,
 that was the default 
 org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager
 configured in the user-mgt.xml configuration file) to check if the user
 existed and to retrieve its roles.

 Did I miss something in my implementation of the user store to have the
 effect of the primary user store taking the lead to retrieve the roles
 physically located on the secondary user store?

 Regards,

 Thomas

 2017-08-17 11:22 GMT+02:00 Thomas LEGRAND :

> Hello,
>
> I really don't understand why my "external" roles don't appear in the
> list and why no role methods are called in my connector because, when I
> configure a LDAP one, I can see the roles retrieved from the LDAP are
> listed with the internal ones.
>
> I set the log level to DEBUG to see that the LDAP user store is
> calling the internal role retrieval method before checking if the user
> exists:
>
> [2017-08-17 11:18:00,647] DEBUG 
> {org.wso2.carbon.user.core.common.AbstractUserStoreManager}
> -  Retrieving internal roles for user name :  a.bresson and search filter 
> *
> [2017-08-17 11:18:00,648] DEBUG {org.wso2.carbon.user.core.lda
> p.ReadOnlyLDAPUserStoreManager} -  Searching for user a.bresson
>
> But in my case, the user check method isn't even called!
>
> If I continue with the logs, I can see that:
>
> [2017-08-17 11:18:00,653] DEBUG {org.wso2.carbon.user.core.lda
> p.ReadOnlyLDAPUserStoreManager} -  Reading roles with the
> memberOfProperty Property: memberOf
>
> Following this source

Re: [Dev] Display the roles of a custom user store for Identity Server

2017-08-18 Thread Thomas LEGRAND 
Hello there,

I found the problem concerning the roles. The Identity Server calls the
primary user store because the usernames in the list aren't prefixed with
the domain of the secondary store (which is my custom user store).
So I modified it and I enter into the method.

Now, I have this weird exception I never encountered before:

[2017-08-18 15:16:04,866] ERROR
{org.wso2.carbon.user.core.common.AbstractUserStoreManager} -  Error
occurred while accessing Java Security Manager Privilege Block
[2017-08-18 15:16:04,867] ERROR {org.wso2.carbon.user.mgt.UserRealmProxy}
-  org.wso2.carbon.user.core.UserStoreException: Error occurred while
accessing Java Security Manager Privilege Block
[2017-08-18 15:16:04,881] ERROR
{org.wso2.carbon.user.mgt.ui.UserAdminClient} -  Error occurred while
accessing Java Security Manager Privilege Block

Regards,

Thomas

2017-08-18 14:35 GMT+02:00 Thomas LEGRAND :

> Hello Isura!
>
> I did override the methods except the doGetInternalRoleListOfUser because
> the AbstractUserStoreManager already implements it.
>
> Here is my custom store manager in [1] and my "internal" class in [2]. In
> [3], you will have the user store properties managed by my user store.
>
> The goal of the test is to retrieve the roles of a user from the secondary
> user store implemented by this code by using the interface of the identity
> server. So you will have a "getRoleListOfUser()" which appears in the logs.
>
> [1] CustomUserStoreManager.java
> [2] CustomUserStoreManagerDSComponent.java
> [3] CustomUserStoreProperties.java
>
> 2017-08-18 12:10 GMT+02:00 Isura Karunaratne :
>
>> Hi Thomas,
>>
>> Did you override doCheckExistingUser method in your custom user store
>> manager? In order to view the roles list of the user, following methods
>> should be overridden.
>>
>>
>>-
>>
>>doCheckExistingUser
>>
>>-
>>
>>doGetExternalRoleListOfUser
>>
>>-
>>
>>doGetInternalRoleListOfUser
>>
>>
>>
>> If the issue still occurs after overriding the doCheckExistingUser
>> method, please attach your sample code. So we can help you faster.
>>
>> Thanks
>> Isura.
>>
>> On Fri, Aug 18, 2017 at 3:09 PM, Thomas LEGRAND <
>> thomas.legr...@versusmind.eu> wrote:
>>
>>> Hello again!
>>>
>>> During my tests, I "reinstalled" a new Identity Server v5.3.0 where I
>>> let the default configuration for the primary user store.
>>> I configured my custom secondary user store which retrieves data from a
>>> database. This custom user store is implemented by extending te
>>> AbstractUserStoreManager class and I generated a OSGi bundle which I
>>> dropped in the repository/components/dropins directory.
>>>
>>> So I can see my list of users coming from this user store when I display
>>> it from the identity server. But, when I want to display the roles of a
>>> suer, I noticed that the primary user store is called (in my case, that was
>>> the default org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager
>>> configured in the user-mgt.xml configuration file) to check if the user
>>> existed and to retrieve its roles.
>>>
>>> Did I miss something in my implementation of the user store to have the
>>> effect of the primary user store taking the lead to retrieve the roles
>>> physically located on the secondary user store?
>>>
>>> Regards,
>>>
>>> Thomas
>>>
>>> 2017-08-17 11:22 GMT+02:00 Thomas LEGRAND 
>>> :
>>>
 Hello,

 I really don't understand why my "external" roles don't appear in the
 list and why no role methods are called in my connector because, when I
 configure a LDAP one, I can see the roles retrieved from the LDAP are
 listed with the internal ones.

 I set the log level to DEBUG to see that the LDAP user store is calling
 the internal role retrieval method before checking if the user exists:

 [2017-08-17 11:18:00,647] DEBUG 
 {org.wso2.carbon.user.core.common.AbstractUserStoreManager}
 -  Retrieving internal roles for user name :  a.bresson and search filter *
 [2017-08-17 11:18:00,648] DEBUG {org.wso2.carbon.user.core.lda
 p.ReadOnlyLDAPUserStoreManager} -  Searching for user a.bresson

 But in my case, the user check method isn't even called!

 If I continue with the logs, I can see that:

 [2017-08-17 11:18:00,653] DEBUG {org.wso2.carbon.user.core.lda
 p.ReadOnlyLDAPUserStoreManager} -  Reading roles with the
 memberOfProperty Property: memberOf

 Following this source code [1], it seems that it executes the method to
 retrieve the external roles. On my side, in my own connector, that does not
 even go there because it doesn't even check if the user exists.

 What am I missing?

 Regards,

 Thomas

 [1] https://github.com/biliroy/carbon4-kernel/blob/master/co
 re/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/u

Re: [Dev] Display the roles of a custom user store for Identity Server

2017-08-18 Thread Thomas LEGRAND 
Hello Isura!

I did override the methods except the doGetInternalRoleListOfUser because
the AbstractUserStoreManager already implements it.

Here is my custom store manager in [1] and my "internal" class in [2]. In
[3], you will have the user store properties managed by my user store.

The goal of the test is to retrieve the roles of a user from the secondary
user store implemented by this code by using the interface of the identity
server. So you will have a "getRoleListOfUser()" which appears in the logs.

[1] CustomUserStoreManager.java
[2] CustomUserStoreManagerDSComponent.java
[3] CustomUserStoreProperties.java

2017-08-18 12:10 GMT+02:00 Isura Karunaratne :

> Hi Thomas,
>
> Did you override doCheckExistingUser method in your custom user store
> manager? In order to view the roles list of the user, following methods
> should be overridden.
>
>
>-
>
>doCheckExistingUser
>
>-
>
>doGetExternalRoleListOfUser
>
>-
>
>doGetInternalRoleListOfUser
>
>
>
> If the issue still occurs after overriding the doCheckExistingUser method,
> please attach your sample code. So we can help you faster.
>
> Thanks
> Isura.
>
> On Fri, Aug 18, 2017 at 3:09 PM, Thomas LEGRAND <
> thomas.legr...@versusmind.eu> wrote:
>
>> Hello again!
>>
>> During my tests, I "reinstalled" a new Identity Server v5.3.0 where I let
>> the default configuration for the primary user store.
>> I configured my custom secondary user store which retrieves data from a
>> database. This custom user store is implemented by extending te
>> AbstractUserStoreManager class and I generated a OSGi bundle which I
>> dropped in the repository/components/dropins directory.
>>
>> So I can see my list of users coming from this user store when I display
>> it from the identity server. But, when I want to display the roles of a
>> suer, I noticed that the primary user store is called (in my case, that was
>> the default org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager
>> configured in the user-mgt.xml configuration file) to check if the user
>> existed and to retrieve its roles.
>>
>> Did I miss something in my implementation of the user store to have the
>> effect of the primary user store taking the lead to retrieve the roles
>> physically located on the secondary user store?
>>
>> Regards,
>>
>> Thomas
>>
>> 2017-08-17 11:22 GMT+02:00 Thomas LEGRAND :
>>
>>> Hello,
>>>
>>> I really don't understand why my "external" roles don't appear in the
>>> list and why no role methods are called in my connector because, when I
>>> configure a LDAP one, I can see the roles retrieved from the LDAP are
>>> listed with the internal ones.
>>>
>>> I set the log level to DEBUG to see that the LDAP user store is calling
>>> the internal role retrieval method before checking if the user exists:
>>>
>>> [2017-08-17 11:18:00,647] DEBUG 
>>> {org.wso2.carbon.user.core.common.AbstractUserStoreManager}
>>> -  Retrieving internal roles for user name :  a.bresson and search filter *
>>> [2017-08-17 11:18:00,648] DEBUG {org.wso2.carbon.user.core.lda
>>> p.ReadOnlyLDAPUserStoreManager} -  Searching for user a.bresson
>>>
>>> But in my case, the user check method isn't even called!
>>>
>>> If I continue with the logs, I can see that:
>>>
>>> [2017-08-17 11:18:00,653] DEBUG {org.wso2.carbon.user.core.lda
>>> p.ReadOnlyLDAPUserStoreManager} -  Reading roles with the
>>> memberOfProperty Property: memberOf
>>>
>>> Following this source code [1], it seems that it executes the method to
>>> retrieve the external roles. On my side, in my own connector, that does not
>>> even go there because it doesn't even check if the user exists.
>>>
>>> What am I missing?
>>>
>>> Regards,
>>>
>>> Thomas
>>>
>>> [1] https://github.com/biliroy/carbon4-kernel/blob/master/co
>>> re/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/
>>> user/core/ldap/ReadOnlyLDAPUserStoreManager.java#L1724
>>>
>>> 2017-08-16 9:56 GMT+02:00 Thomas LEGRAND :
>>>
 Hello everybody,

 I am writing a custom user store for the Identity Server and I
 successfully retrieved my list of users from my database. But when I try to
 display the roles of a user by clicking on the "View Roles" button [1],
 only the internal roles are displayed.
 I implemented the methods doGetExternalRoleListOfUser(),
  doGetDisplayNamesForInternalRole(), doGetSharedRoleListOfUser() to
 log something on the INFO level but nothing happens.

 Can someone tell me which method to implement?

 Regards,

 Thomas

 [1] [image: Images intégrées 1]

>>>
>>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
>
> *Isura Dilhara Karunaratne*
> Associate Technical Lead | WSO2
> Email: is...@wso2.com
> Mob : +94 772 254 810 <+94%2077%20225%204810>
> Blog : http://isurad.blogspot.com/
>
>
>
>

Re: [Dev] Display the roles of a custom user store for Identity Server

2017-08-18 Thread Isura Karunaratne 
Hi Thomas,

Did you override doCheckExistingUser method in your custom user store
manager? In order to view the roles list of the user, following methods
should be overridden.


   -

   doCheckExistingUser

   -

   doGetExternalRoleListOfUser

   -

   doGetInternalRoleListOfUser



If the issue still occurs after overriding the doCheckExistingUser method,
please attach your sample code. So we can help you faster.

Thanks
Isura.

On Fri, Aug 18, 2017 at 3:09 PM, Thomas LEGRAND <
thomas.legr...@versusmind.eu> wrote:

> Hello again!
>
> During my tests, I "reinstalled" a new Identity Server v5.3.0 where I let
> the default configuration for the primary user store.
> I configured my custom secondary user store which retrieves data from a
> database. This custom user store is implemented by extending te
> AbstractUserStoreManager class and I generated a OSGi bundle which I
> dropped in the repository/components/dropins directory.
>
> So I can see my list of users coming from this user store when I display
> it from the identity server. But, when I want to display the roles of a
> suer, I noticed that the primary user store is called (in my case, that was
> the default org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager
> configured in the user-mgt.xml configuration file) to check if the user
> existed and to retrieve its roles.
>
> Did I miss something in my implementation of the user store to have the
> effect of the primary user store taking the lead to retrieve the roles
> physically located on the secondary user store?
>
> Regards,
>
> Thomas
>
> 2017-08-17 11:22 GMT+02:00 Thomas LEGRAND :
>
>> Hello,
>>
>> I really don't understand why my "external" roles don't appear in the
>> list and why no role methods are called in my connector because, when I
>> configure a LDAP one, I can see the roles retrieved from the LDAP are
>> listed with the internal ones.
>>
>> I set the log level to DEBUG to see that the LDAP user store is calling
>> the internal role retrieval method before checking if the user exists:
>>
>> [2017-08-17 11:18:00,647] DEBUG 
>> {org.wso2.carbon.user.core.common.AbstractUserStoreManager}
>> -  Retrieving internal roles for user name :  a.bresson and search filter *
>> [2017-08-17 11:18:00,648] DEBUG {org.wso2.carbon.user.core.lda
>> p.ReadOnlyLDAPUserStoreManager} -  Searching for user a.bresson
>>
>> But in my case, the user check method isn't even called!
>>
>> If I continue with the logs, I can see that:
>>
>> [2017-08-17 11:18:00,653] DEBUG {org.wso2.carbon.user.core.lda
>> p.ReadOnlyLDAPUserStoreManager} -  Reading roles with the
>> memberOfProperty Property: memberOf
>>
>> Following this source code [1], it seems that it executes the method to
>> retrieve the external roles. On my side, in my own connector, that does not
>> even go there because it doesn't even check if the user exists.
>>
>> What am I missing?
>>
>> Regards,
>>
>> Thomas
>>
>> [1] https://github.com/biliroy/carbon4-kernel/blob/master/
>> core/org.wso2.carbon.user.core/src/main/java/org/wso2/
>> carbon/user/core/ldap/ReadOnlyLDAPUserStoreManager.java#L1724
>>
>> 2017-08-16 9:56 GMT+02:00 Thomas LEGRAND :
>>
>>> Hello everybody,
>>>
>>> I am writing a custom user store for the Identity Server and I
>>> successfully retrieved my list of users from my database. But when I try to
>>> display the roles of a user by clicking on the "View Roles" button [1],
>>> only the internal roles are displayed.
>>> I implemented the methods doGetExternalRoleListOfUser(),
>>>  doGetDisplayNamesForInternalRole(), doGetSharedRoleListOfUser() to log
>>> something on the INFO level but nothing happens.
>>>
>>> Can someone tell me which method to implement?
>>>
>>> Regards,
>>>
>>> Thomas
>>>
>>> [1] [image: Images intégrées 1]
>>>
>>
>>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 

*Isura Dilhara Karunaratne*
Associate Technical Lead | WSO2
Email: is...@wso2.com
Mob : +94 772 254 810
Blog : http://isurad.blogspot.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Display the roles of a custom user store for Identity Server

2017-08-18 Thread Thomas LEGRAND 
Hello again!

During my tests, I "reinstalled" a new Identity Server v5.3.0 where I let
the default configuration for the primary user store.
I configured my custom secondary user store which retrieves data from a
database. This custom user store is implemented by extending te
AbstractUserStoreManager class and I generated a OSGi bundle which I
dropped in the repository/components/dropins directory.

So I can see my list of users coming from this user store when I display it
from the identity server. But, when I want to display the roles of a suer,
I noticed that the primary user store is called (in my case, that was the
default org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager
configured in the user-mgt.xml configuration file) to check if the user
existed and to retrieve its roles.

Did I miss something in my implementation of the user store to have the
effect of the primary user store taking the lead to retrieve the roles
physically located on the secondary user store?

Regards,

Thomas

2017-08-17 11:22 GMT+02:00 Thomas LEGRAND :

> Hello,
>
> I really don't understand why my "external" roles don't appear in the list
> and why no role methods are called in my connector because, when I
> configure a LDAP one, I can see the roles retrieved from the LDAP are
> listed with the internal ones.
>
> I set the log level to DEBUG to see that the LDAP user store is calling
> the internal role retrieval method before checking if the user exists:
>
> [2017-08-17 11:18:00,647] DEBUG 
> {org.wso2.carbon.user.core.common.AbstractUserStoreManager}
> -  Retrieving internal roles for user name :  a.bresson and search filter *
> [2017-08-17 11:18:00,648] DEBUG 
> {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager}
> -  Searching for user a.bresson
>
> But in my case, the user check method isn't even called!
>
> If I continue with the logs, I can see that:
>
> [2017-08-17 11:18:00,653] DEBUG 
> {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager}
> -  Reading roles with the memberOfProperty Property: memberOf
>
> Following this source code [1], it seems that it executes the method to
> retrieve the external roles. On my side, in my own connector, that does not
> even go there because it doesn't even check if the user exists.
>
> What am I missing?
>
> Regards,
>
> Thomas
>
> [1] https://github.com/biliroy/carbon4-kernel/blob/
> master/core/org.wso2.carbon.user.core/src/main/java/org/
> wso2/carbon/user/core/ldap/ReadOnlyLDAPUserStoreManager.java#L1724
>
> 2017-08-16 9:56 GMT+02:00 Thomas LEGRAND :
>
>> Hello everybody,
>>
>> I am writing a custom user store for the Identity Server and I
>> successfully retrieved my list of users from my database. But when I try to
>> display the roles of a user by clicking on the "View Roles" button [1],
>> only the internal roles are displayed.
>> I implemented the methods doGetExternalRoleListOfUser(),
>>  doGetDisplayNamesForInternalRole(), doGetSharedRoleListOfUser() to log
>> something on the INFO level but nothing happens.
>>
>> Can someone tell me which method to implement?
>>
>> Regards,
>>
>> Thomas
>>
>> [1] [image: Images intégrées 1]
>>
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Display the roles of a custom user store for Identity Server

2017-08-17 Thread Thomas LEGRAND 
Hello,

I really don't understand why my "external" roles don't appear in the list
and why no role methods are called in my connector because, when I
configure a LDAP one, I can see the roles retrieved from the LDAP are
listed with the internal ones.

I set the log level to DEBUG to see that the LDAP user store is calling the
internal role retrieval method before checking if the user exists:

[2017-08-17 11:18:00,647] DEBUG
{org.wso2.carbon.user.core.common.AbstractUserStoreManager} -  Retrieving
internal roles for user name :  a.bresson and search filter *
[2017-08-17 11:18:00,648] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} -  Searching
for user a.bresson

But in my case, the user check method isn't even called!

If I continue with the logs, I can see that:

[2017-08-17 11:18:00,653] DEBUG
{org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} -  Reading
roles with the memberOfProperty Property: memberOf

Following this source code [1], it seems that it executes the method to
retrieve the external roles. On my side, in my own connector, that does not
even go there because it doesn't even check if the user exists.

What am I missing?

Regards,

Thomas

[1]
https://github.com/biliroy/carbon4-kernel/blob/master/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/ldap/ReadOnlyLDAPUserStoreManager.java#L1724

2017-08-16 9:56 GMT+02:00 Thomas LEGRAND :

> Hello everybody,
>
> I am writing a custom user store for the Identity Server and I
> successfully retrieved my list of users from my database. But when I try to
> display the roles of a user by clicking on the "View Roles" button [1],
> only the internal roles are displayed.
> I implemented the methods doGetExternalRoleListOfUser(),
> doGetDisplayNamesForInternalRole(), doGetSharedRoleListOfUser() to log
> something on the INFO level but nothing happens.
>
> Can someone tell me which method to implement?
>
> Regards,
>
> Thomas
>
> [1] [image: Images intégrées 1]
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Display the roles of a custom user store for Identity Server

2017-08-16 Thread Thomas LEGRAND 
Hello everybody,

I am writing a custom user store for the Identity Server and I successfully
retrieved my list of users from my database. But when I try to display the
roles of a user by clicking on the "View Roles" button [1], only the
internal roles are displayed.
I implemented the methods
doGetExternalRoleListOfUser(), doGetDisplayNamesForInternalRole(),
doGetSharedRoleListOfUser()
to log something on the INFO level but nothing happens.

Can someone tell me which method to implement?

Regards,

Thomas

[1] [image: Images intégrées 1]
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev