Re: [Dev] Display the roles of a custom user store for Identity Server
Hello Isura, As I said, I modified my custom user store to prefix the names of the users with the domain name. So I modified, the method doListUsers to have the following: @Override > public String[] doListUsers(String filter, int maxItemLimit) throws > UserStoreException { > LOGGER.info("doListUsers()"); > return new String[]{"CUSTOM/Lala", "CUSTOM/Toto", "CUSTOM/Titi", > "CUSTOM/Jeje"}; > } Of course, "CUSTOM" is the defined domain name I used to configure my user store on the IS. So I can see list my names [1] but when I want to retrieve the roles via the "View roles" button in the list, I have the following stack trace and so, the popup in [2] which appears: [2017-08-21 08:57:16,158] INFO > {fr.icl.picsel20.user.store.CustomUserStoreManager} - getRoleListOfUser() > [2017-08-21 08:57:16,158] DEBUG > {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Retrieving > internal roles for user name : Jeje and search filter * > [2017-08-21 08:57:16,158] ERROR > {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Error > occurred while accessing Java Security Manager Privilege Block > [2017-08-21 08:57:16,158] ERROR {org.wso2.carbon.user.mgt.UserRealmProxy} > - org.wso2.carbon.user.core.UserStoreException: Error occurred while > accessing Java Security Manager Privilege Block > [2017-08-21 08:57:16,174] ERROR > {org.wso2.carbon.user.mgt.ui.UserAdminClient} - Error occurred while > accessing Java Security Manager Privilege Block > org.wso2.carbon.user.mgt.stub.UserAdminUserAdminException: > UserAdminUserAdminException > at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native > Method) > at > sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) > at > sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) > at java.lang.reflect.Constructor.newInstance(Constructor.java:423) > at java.lang.Class.newInstance(Class.java:442) > at > org.wso2.carbon.user.mgt.stub.UserAdminStub.getRolesOfUser(UserAdminStub.java:3054) > at > org.wso2.carbon.user.mgt.ui.UserAdminClient.getRolesOfUser(UserAdminClient.java:154) > at > org.apache.jsp.user.view_002droles_jsp._jspService(view_002droles_jsp.java:263) > at > org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) > at > org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:439) > at > org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395) > at > org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) > at org.wso2.carbon.ui.JspServlet.service(JspServlet.java:155) > at > org.wso2.carbon.ui.TilesJspServlet.service(TilesJspServlet.java:80) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) > at > org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37) > at > org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61) > at > org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128) > at > org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) > at > org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > at > org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:747) > at > org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:603) > at > org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:542) > at > org.eclipse.equinox.http.servlet.internal.RequestDispatcherAdaptor.include(RequestDispatcherAdaptor.java:37) > at > org.eclipse.equinox.http.helper.ContextPathServletAdaptor$RequestDispatcherAdaptor.include(ContextPathServletAdaptor.java:369) > at > org.apache.jasper.runtime.JspRuntimeLibrary.include(JspRuntimeLibrary.java:897) > at > org.apache.jasper.runtime.PageContextImpl.doInclude(PageContextImpl.java:688) > at > org.apache.jasper.runtime.PageContextImpl.include(PageContextImpl.java:682) > at sun.reflect.GeneratedMethodAccessor90.invoke(Unknown Source) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at
Re: [Dev] Display the roles of a custom user store for Identity Server
Hi Thomas, It is wrong to set tenantId as follows for carbon.super tenant. Super tenant's tenantID is -1234. Can you attach full exception stacktrace. carbonContext.setTenantId(64302); Thanks Isura. On Fri, Aug 18, 2017 at 6:50 PM, Thomas LEGRAND < thomas.legr...@versusmind.eu> wrote: > Hello there, > > I found the problem concerning the roles. The Identity Server calls the > primary user store because the usernames in the list aren't prefixed with > the domain of the secondary store (which is my custom user store). > So I modified it and I enter into the method. > > Now, I have this weird exception I never encountered before: > > [2017-08-18 15:16:04,866] ERROR > {org.wso2.carbon.user.core.common.AbstractUserStoreManager} > - Error occurred while accessing Java Security Manager Privilege Block > [2017-08-18 15:16:04,867] ERROR {org.wso2.carbon.user.mgt.UserRealmProxy} > - org.wso2.carbon.user.core.UserStoreException: Error occurred while > accessing Java Security Manager Privilege Block > [2017-08-18 15:16:04,881] ERROR {org.wso2.carbon.user.mgt.ui.UserAdminClient} > - Error occurred while accessing Java Security Manager Privilege Block > > Regards, > > Thomas > > 2017-08-18 14:35 GMT+02:00 Thomas LEGRAND: > >> Hello Isura! >> >> I did override the methods except the doGetInternalRoleListOfUser because >> the AbstractUserStoreManager already implements it. >> >> Here is my custom store manager in [1] and my "internal" class in [2]. In >> [3], you will have the user store properties managed by my user store. >> >> The goal of the test is to retrieve the roles of a user from the >> secondary user store implemented by this code by using the interface of the >> identity server. So you will have a "getRoleListOfUser()" which appears in >> the logs. >> >> [1] CustomUserStoreManager.java >> [2] CustomUserStoreManagerDSComponent.java >> [3] CustomUserStoreProperties.java >> >> 2017-08-18 12:10 GMT+02:00 Isura Karunaratne : >> >>> Hi Thomas, >>> >>> Did you override doCheckExistingUser method in your custom user store >>> manager? In order to view the roles list of the user, following methods >>> should be overridden. >>> >>> >>>- >>> >>>doCheckExistingUser >>> >>>- >>> >>>doGetExternalRoleListOfUser >>> >>>- >>> >>>doGetInternalRoleListOfUser >>> >>> >>> >>> If the issue still occurs after overriding the doCheckExistingUser >>> method, please attach your sample code. So we can help you faster. >>> >>> Thanks >>> Isura. >>> >>> On Fri, Aug 18, 2017 at 3:09 PM, Thomas LEGRAND < >>> thomas.legr...@versusmind.eu> wrote: >>> Hello again! During my tests, I "reinstalled" a new Identity Server v5.3.0 where I let the default configuration for the primary user store. I configured my custom secondary user store which retrieves data from a database. This custom user store is implemented by extending te AbstractUserStoreManager class and I generated a OSGi bundle which I dropped in the repository/components/dropins directory. So I can see my list of users coming from this user store when I display it from the identity server. But, when I want to display the roles of a suer, I noticed that the primary user store is called (in my case, that was the default org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager configured in the user-mgt.xml configuration file) to check if the user existed and to retrieve its roles. Did I miss something in my implementation of the user store to have the effect of the primary user store taking the lead to retrieve the roles physically located on the secondary user store? Regards, Thomas 2017-08-17 11:22 GMT+02:00 Thomas LEGRAND : > Hello, > > I really don't understand why my "external" roles don't appear in the > list and why no role methods are called in my connector because, when I > configure a LDAP one, I can see the roles retrieved from the LDAP are > listed with the internal ones. > > I set the log level to DEBUG to see that the LDAP user store is > calling the internal role retrieval method before checking if the user > exists: > > [2017-08-17 11:18:00,647] DEBUG > {org.wso2.carbon.user.core.common.AbstractUserStoreManager} > - Retrieving internal roles for user name : a.bresson and search filter > * > [2017-08-17 11:18:00,648] DEBUG {org.wso2.carbon.user.core.lda > p.ReadOnlyLDAPUserStoreManager} - Searching for user a.bresson > > But in my case, the user check method isn't even called! > > If I continue with the logs, I can see that: > > [2017-08-17 11:18:00,653] DEBUG {org.wso2.carbon.user.core.lda > p.ReadOnlyLDAPUserStoreManager} - Reading roles with the > memberOfProperty Property: memberOf > > Following this source
Re: [Dev] Display the roles of a custom user store for Identity Server
Hello there, I found the problem concerning the roles. The Identity Server calls the primary user store because the usernames in the list aren't prefixed with the domain of the secondary store (which is my custom user store). So I modified it and I enter into the method. Now, I have this weird exception I never encountered before: [2017-08-18 15:16:04,866] ERROR {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Error occurred while accessing Java Security Manager Privilege Block [2017-08-18 15:16:04,867] ERROR {org.wso2.carbon.user.mgt.UserRealmProxy} - org.wso2.carbon.user.core.UserStoreException: Error occurred while accessing Java Security Manager Privilege Block [2017-08-18 15:16:04,881] ERROR {org.wso2.carbon.user.mgt.ui.UserAdminClient} - Error occurred while accessing Java Security Manager Privilege Block Regards, Thomas 2017-08-18 14:35 GMT+02:00 Thomas LEGRAND: > Hello Isura! > > I did override the methods except the doGetInternalRoleListOfUser because > the AbstractUserStoreManager already implements it. > > Here is my custom store manager in [1] and my "internal" class in [2]. In > [3], you will have the user store properties managed by my user store. > > The goal of the test is to retrieve the roles of a user from the secondary > user store implemented by this code by using the interface of the identity > server. So you will have a "getRoleListOfUser()" which appears in the logs. > > [1] CustomUserStoreManager.java > [2] CustomUserStoreManagerDSComponent.java > [3] CustomUserStoreProperties.java > > 2017-08-18 12:10 GMT+02:00 Isura Karunaratne : > >> Hi Thomas, >> >> Did you override doCheckExistingUser method in your custom user store >> manager? In order to view the roles list of the user, following methods >> should be overridden. >> >> >>- >> >>doCheckExistingUser >> >>- >> >>doGetExternalRoleListOfUser >> >>- >> >>doGetInternalRoleListOfUser >> >> >> >> If the issue still occurs after overriding the doCheckExistingUser >> method, please attach your sample code. So we can help you faster. >> >> Thanks >> Isura. >> >> On Fri, Aug 18, 2017 at 3:09 PM, Thomas LEGRAND < >> thomas.legr...@versusmind.eu> wrote: >> >>> Hello again! >>> >>> During my tests, I "reinstalled" a new Identity Server v5.3.0 where I >>> let the default configuration for the primary user store. >>> I configured my custom secondary user store which retrieves data from a >>> database. This custom user store is implemented by extending te >>> AbstractUserStoreManager class and I generated a OSGi bundle which I >>> dropped in the repository/components/dropins directory. >>> >>> So I can see my list of users coming from this user store when I display >>> it from the identity server. But, when I want to display the roles of a >>> suer, I noticed that the primary user store is called (in my case, that was >>> the default org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager >>> configured in the user-mgt.xml configuration file) to check if the user >>> existed and to retrieve its roles. >>> >>> Did I miss something in my implementation of the user store to have the >>> effect of the primary user store taking the lead to retrieve the roles >>> physically located on the secondary user store? >>> >>> Regards, >>> >>> Thomas >>> >>> 2017-08-17 11:22 GMT+02:00 Thomas LEGRAND >>> : >>> Hello, I really don't understand why my "external" roles don't appear in the list and why no role methods are called in my connector because, when I configure a LDAP one, I can see the roles retrieved from the LDAP are listed with the internal ones. I set the log level to DEBUG to see that the LDAP user store is calling the internal role retrieval method before checking if the user exists: [2017-08-17 11:18:00,647] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Retrieving internal roles for user name : a.bresson and search filter * [2017-08-17 11:18:00,648] DEBUG {org.wso2.carbon.user.core.lda p.ReadOnlyLDAPUserStoreManager} - Searching for user a.bresson But in my case, the user check method isn't even called! If I continue with the logs, I can see that: [2017-08-17 11:18:00,653] DEBUG {org.wso2.carbon.user.core.lda p.ReadOnlyLDAPUserStoreManager} - Reading roles with the memberOfProperty Property: memberOf Following this source code [1], it seems that it executes the method to retrieve the external roles. On my side, in my own connector, that does not even go there because it doesn't even check if the user exists. What am I missing? Regards, Thomas [1] https://github.com/biliroy/carbon4-kernel/blob/master/co re/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/u
Re: [Dev] Display the roles of a custom user store for Identity Server
Hello Isura! I did override the methods except the doGetInternalRoleListOfUser because the AbstractUserStoreManager already implements it. Here is my custom store manager in [1] and my "internal" class in [2]. In [3], you will have the user store properties managed by my user store. The goal of the test is to retrieve the roles of a user from the secondary user store implemented by this code by using the interface of the identity server. So you will have a "getRoleListOfUser()" which appears in the logs. [1] CustomUserStoreManager.java [2] CustomUserStoreManagerDSComponent.java [3] CustomUserStoreProperties.java 2017-08-18 12:10 GMT+02:00 Isura Karunaratne: > Hi Thomas, > > Did you override doCheckExistingUser method in your custom user store > manager? In order to view the roles list of the user, following methods > should be overridden. > > >- > >doCheckExistingUser > >- > >doGetExternalRoleListOfUser > >- > >doGetInternalRoleListOfUser > > > > If the issue still occurs after overriding the doCheckExistingUser method, > please attach your sample code. So we can help you faster. > > Thanks > Isura. > > On Fri, Aug 18, 2017 at 3:09 PM, Thomas LEGRAND < > thomas.legr...@versusmind.eu> wrote: > >> Hello again! >> >> During my tests, I "reinstalled" a new Identity Server v5.3.0 where I let >> the default configuration for the primary user store. >> I configured my custom secondary user store which retrieves data from a >> database. This custom user store is implemented by extending te >> AbstractUserStoreManager class and I generated a OSGi bundle which I >> dropped in the repository/components/dropins directory. >> >> So I can see my list of users coming from this user store when I display >> it from the identity server. But, when I want to display the roles of a >> suer, I noticed that the primary user store is called (in my case, that was >> the default org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager >> configured in the user-mgt.xml configuration file) to check if the user >> existed and to retrieve its roles. >> >> Did I miss something in my implementation of the user store to have the >> effect of the primary user store taking the lead to retrieve the roles >> physically located on the secondary user store? >> >> Regards, >> >> Thomas >> >> 2017-08-17 11:22 GMT+02:00 Thomas LEGRAND : >> >>> Hello, >>> >>> I really don't understand why my "external" roles don't appear in the >>> list and why no role methods are called in my connector because, when I >>> configure a LDAP one, I can see the roles retrieved from the LDAP are >>> listed with the internal ones. >>> >>> I set the log level to DEBUG to see that the LDAP user store is calling >>> the internal role retrieval method before checking if the user exists: >>> >>> [2017-08-17 11:18:00,647] DEBUG >>> {org.wso2.carbon.user.core.common.AbstractUserStoreManager} >>> - Retrieving internal roles for user name : a.bresson and search filter * >>> [2017-08-17 11:18:00,648] DEBUG {org.wso2.carbon.user.core.lda >>> p.ReadOnlyLDAPUserStoreManager} - Searching for user a.bresson >>> >>> But in my case, the user check method isn't even called! >>> >>> If I continue with the logs, I can see that: >>> >>> [2017-08-17 11:18:00,653] DEBUG {org.wso2.carbon.user.core.lda >>> p.ReadOnlyLDAPUserStoreManager} - Reading roles with the >>> memberOfProperty Property: memberOf >>> >>> Following this source code [1], it seems that it executes the method to >>> retrieve the external roles. On my side, in my own connector, that does not >>> even go there because it doesn't even check if the user exists. >>> >>> What am I missing? >>> >>> Regards, >>> >>> Thomas >>> >>> [1] https://github.com/biliroy/carbon4-kernel/blob/master/co >>> re/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/ >>> user/core/ldap/ReadOnlyLDAPUserStoreManager.java#L1724 >>> >>> 2017-08-16 9:56 GMT+02:00 Thomas LEGRAND : >>> Hello everybody, I am writing a custom user store for the Identity Server and I successfully retrieved my list of users from my database. But when I try to display the roles of a user by clicking on the "View Roles" button [1], only the internal roles are displayed. I implemented the methods doGetExternalRoleListOfUser(), doGetDisplayNamesForInternalRole(), doGetSharedRoleListOfUser() to log something on the INFO level but nothing happens. Can someone tell me which method to implement? Regards, Thomas [1] [image: Images intégrées 1] >>> >>> >> >> ___ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > > *Isura Dilhara Karunaratne* > Associate Technical Lead | WSO2 > Email: is...@wso2.com > Mob : +94 772 254 810 <+94%2077%20225%204810> > Blog : http://isurad.blogspot.com/ > > > >
Re: [Dev] Display the roles of a custom user store for Identity Server
Hi Thomas, Did you override doCheckExistingUser method in your custom user store manager? In order to view the roles list of the user, following methods should be overridden. - doCheckExistingUser - doGetExternalRoleListOfUser - doGetInternalRoleListOfUser If the issue still occurs after overriding the doCheckExistingUser method, please attach your sample code. So we can help you faster. Thanks Isura. On Fri, Aug 18, 2017 at 3:09 PM, Thomas LEGRAND < thomas.legr...@versusmind.eu> wrote: > Hello again! > > During my tests, I "reinstalled" a new Identity Server v5.3.0 where I let > the default configuration for the primary user store. > I configured my custom secondary user store which retrieves data from a > database. This custom user store is implemented by extending te > AbstractUserStoreManager class and I generated a OSGi bundle which I > dropped in the repository/components/dropins directory. > > So I can see my list of users coming from this user store when I display > it from the identity server. But, when I want to display the roles of a > suer, I noticed that the primary user store is called (in my case, that was > the default org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager > configured in the user-mgt.xml configuration file) to check if the user > existed and to retrieve its roles. > > Did I miss something in my implementation of the user store to have the > effect of the primary user store taking the lead to retrieve the roles > physically located on the secondary user store? > > Regards, > > Thomas > > 2017-08-17 11:22 GMT+02:00 Thomas LEGRAND: > >> Hello, >> >> I really don't understand why my "external" roles don't appear in the >> list and why no role methods are called in my connector because, when I >> configure a LDAP one, I can see the roles retrieved from the LDAP are >> listed with the internal ones. >> >> I set the log level to DEBUG to see that the LDAP user store is calling >> the internal role retrieval method before checking if the user exists: >> >> [2017-08-17 11:18:00,647] DEBUG >> {org.wso2.carbon.user.core.common.AbstractUserStoreManager} >> - Retrieving internal roles for user name : a.bresson and search filter * >> [2017-08-17 11:18:00,648] DEBUG {org.wso2.carbon.user.core.lda >> p.ReadOnlyLDAPUserStoreManager} - Searching for user a.bresson >> >> But in my case, the user check method isn't even called! >> >> If I continue with the logs, I can see that: >> >> [2017-08-17 11:18:00,653] DEBUG {org.wso2.carbon.user.core.lda >> p.ReadOnlyLDAPUserStoreManager} - Reading roles with the >> memberOfProperty Property: memberOf >> >> Following this source code [1], it seems that it executes the method to >> retrieve the external roles. On my side, in my own connector, that does not >> even go there because it doesn't even check if the user exists. >> >> What am I missing? >> >> Regards, >> >> Thomas >> >> [1] https://github.com/biliroy/carbon4-kernel/blob/master/ >> core/org.wso2.carbon.user.core/src/main/java/org/wso2/ >> carbon/user/core/ldap/ReadOnlyLDAPUserStoreManager.java#L1724 >> >> 2017-08-16 9:56 GMT+02:00 Thomas LEGRAND : >> >>> Hello everybody, >>> >>> I am writing a custom user store for the Identity Server and I >>> successfully retrieved my list of users from my database. But when I try to >>> display the roles of a user by clicking on the "View Roles" button [1], >>> only the internal roles are displayed. >>> I implemented the methods doGetExternalRoleListOfUser(), >>> doGetDisplayNamesForInternalRole(), doGetSharedRoleListOfUser() to log >>> something on the INFO level but nothing happens. >>> >>> Can someone tell me which method to implement? >>> >>> Regards, >>> >>> Thomas >>> >>> [1] [image: Images intégrées 1] >>> >> >> > > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- *Isura Dilhara Karunaratne* Associate Technical Lead | WSO2 Email: is...@wso2.com Mob : +94 772 254 810 Blog : http://isurad.blogspot.com/ ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] Display the roles of a custom user store for Identity Server
Hello again! During my tests, I "reinstalled" a new Identity Server v5.3.0 where I let the default configuration for the primary user store. I configured my custom secondary user store which retrieves data from a database. This custom user store is implemented by extending te AbstractUserStoreManager class and I generated a OSGi bundle which I dropped in the repository/components/dropins directory. So I can see my list of users coming from this user store when I display it from the identity server. But, when I want to display the roles of a suer, I noticed that the primary user store is called (in my case, that was the default org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager configured in the user-mgt.xml configuration file) to check if the user existed and to retrieve its roles. Did I miss something in my implementation of the user store to have the effect of the primary user store taking the lead to retrieve the roles physically located on the secondary user store? Regards, Thomas 2017-08-17 11:22 GMT+02:00 Thomas LEGRAND: > Hello, > > I really don't understand why my "external" roles don't appear in the list > and why no role methods are called in my connector because, when I > configure a LDAP one, I can see the roles retrieved from the LDAP are > listed with the internal ones. > > I set the log level to DEBUG to see that the LDAP user store is calling > the internal role retrieval method before checking if the user exists: > > [2017-08-17 11:18:00,647] DEBUG > {org.wso2.carbon.user.core.common.AbstractUserStoreManager} > - Retrieving internal roles for user name : a.bresson and search filter * > [2017-08-17 11:18:00,648] DEBUG > {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} > - Searching for user a.bresson > > But in my case, the user check method isn't even called! > > If I continue with the logs, I can see that: > > [2017-08-17 11:18:00,653] DEBUG > {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} > - Reading roles with the memberOfProperty Property: memberOf > > Following this source code [1], it seems that it executes the method to > retrieve the external roles. On my side, in my own connector, that does not > even go there because it doesn't even check if the user exists. > > What am I missing? > > Regards, > > Thomas > > [1] https://github.com/biliroy/carbon4-kernel/blob/ > master/core/org.wso2.carbon.user.core/src/main/java/org/ > wso2/carbon/user/core/ldap/ReadOnlyLDAPUserStoreManager.java#L1724 > > 2017-08-16 9:56 GMT+02:00 Thomas LEGRAND : > >> Hello everybody, >> >> I am writing a custom user store for the Identity Server and I >> successfully retrieved my list of users from my database. But when I try to >> display the roles of a user by clicking on the "View Roles" button [1], >> only the internal roles are displayed. >> I implemented the methods doGetExternalRoleListOfUser(), >> doGetDisplayNamesForInternalRole(), doGetSharedRoleListOfUser() to log >> something on the INFO level but nothing happens. >> >> Can someone tell me which method to implement? >> >> Regards, >> >> Thomas >> >> [1] [image: Images intégrées 1] >> > > ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] Display the roles of a custom user store for Identity Server
Hello, I really don't understand why my "external" roles don't appear in the list and why no role methods are called in my connector because, when I configure a LDAP one, I can see the roles retrieved from the LDAP are listed with the internal ones. I set the log level to DEBUG to see that the LDAP user store is calling the internal role retrieval method before checking if the user exists: [2017-08-17 11:18:00,647] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Retrieving internal roles for user name : a.bresson and search filter * [2017-08-17 11:18:00,648] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Searching for user a.bresson But in my case, the user check method isn't even called! If I continue with the logs, I can see that: [2017-08-17 11:18:00,653] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Reading roles with the memberOfProperty Property: memberOf Following this source code [1], it seems that it executes the method to retrieve the external roles. On my side, in my own connector, that does not even go there because it doesn't even check if the user exists. What am I missing? Regards, Thomas [1] https://github.com/biliroy/carbon4-kernel/blob/master/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/ldap/ReadOnlyLDAPUserStoreManager.java#L1724 2017-08-16 9:56 GMT+02:00 Thomas LEGRAND: > Hello everybody, > > I am writing a custom user store for the Identity Server and I > successfully retrieved my list of users from my database. But when I try to > display the roles of a user by clicking on the "View Roles" button [1], > only the internal roles are displayed. > I implemented the methods doGetExternalRoleListOfUser(), > doGetDisplayNamesForInternalRole(), doGetSharedRoleListOfUser() to log > something on the INFO level but nothing happens. > > Can someone tell me which method to implement? > > Regards, > > Thomas > > [1] [image: Images intégrées 1] > ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] Display the roles of a custom user store for Identity Server
Hello everybody, I am writing a custom user store for the Identity Server and I successfully retrieved my list of users from my database. But when I try to display the roles of a user by clicking on the "View Roles" button [1], only the internal roles are displayed. I implemented the methods doGetExternalRoleListOfUser(), doGetDisplayNamesForInternalRole(), doGetSharedRoleListOfUser() to log something on the INFO level but nothing happens. Can someone tell me which method to implement? Regards, Thomas [1] [image: Images intégrées 1] ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev