Hi Petr, No, you don't need to create any nodes manually, for Magnolia 4.5.x or 5.x use the methods: userManager.addRole(createdUser,"rolename"); or: userManager.addGroup(createdUser,"groupname");
I think the tricky thing is that as of Magnolia 4.5 you need to re-load the user after creating it. So you would create the user, set the roles and properties, and then load the user again, and continue working with that newly loaded object. At least, that's what I found. Regards from Vienna, Richard -----Ursprüngliche Nachricht----- Von: [email protected] [mailto:[email protected]] Im Auftrag von Petr Kadlec (via Magnolia Forums) Gesendet: Freitag, 04. Oktober 2013 22:45 An: Magnolia User List Betreff: [magnolia-user] Re: Shibboleth authentication Hello, I almost got the login process to work, but I came into problems when trying to add group or role to newly created user. It just doesnt get added, I get the following debug messages: [code] 2013-10-04 22:27:56,890 DEBUG info.magnolia.cms.security.MgnlUserManager : /external/[email protected] does not have any userroles 2013-10-04 22:27:56,891 DEBUG info.magnolia.cms.security.MgnlUserManager : /external/[email protected] does not have any usergroups 2013-10-04 22:27:56,913 DEBUG nolia.cms.security.RepositoryBackedSecurityManager: groups javax.jcr.PathNotFoundException: groups at org.apache.jackrabbit.core.NodeImpl$8.perform(NodeImpl.java:2136) ... at info.magnolia.cms.security.MgnlUserManager.addGroup(MgnlUserManager.java:719) at cz.muni.phil.magnolia.shibboleth.ShibbolethAuthenticationModule.updateAttributes(ShibbolethAuthenticationModule.java:127) ... [/code] Do I need to create 'groups' node inside user node somehow explicitly? I also tried to add some group manually to the user in admincentral (so the groups node or attribute gets created in user) and then I tried logging in again and adding some other group and role (by my authentication module), but even then it's not working and I get this debug log: [code]2013-10-04 20:47:44,068 DEBUG nolia.cms.security.RepositoryBackedSecurityManager: /external/[email protected]/groups/jcr:mixinTypes has invalid value 2013-10-04 20:47:44,068 DEBUG nolia.cms.security.RepositoryBackedSecurityManager: Role [demo-project-publishers] does not exist in the ROLES repository 2013-10-04 20:47:44,068 DEBUG nolia.cms.security.RepositoryBackedSecurityManager: Role [demo-project-publishers] does not exist in the ROLES repository 2013-10-04 20:47:44,068 DEBUG nolia.cms.security.RepositoryBackedSecurityManager: Role [demo-project-publishers] does not exist in the ROLES repository 2013-10-04 20:47:44,068 DEBUG nolia.cms.security.RepositoryBackedSecurityManager: Role [demo-project-publishers] does not exist in the ROLES repository 2013-10-04 20:47:44,068 DEBUG nolia.cms.security.RepositoryBackedSecurityManager: checked demo-project-publishers for groups in 10ms. 2013-10-04 20:47:44,070 WARN nolia.cms.security.RepositoryBackedSecurityManager: Invalid role requested: superuser 2013-10-04 20:47:44,071 DEBUG nolia.cms.security.RepositoryBackedSecurityManager: /external/[email protected]/roles/jcr:mixinTypes has invalid value 2013-10-04 20:47:44,071 DEBUG nolia.cms.security.RepositoryBackedSecurityManager: Role [superuser] does not exist in the ROLES repository 2013-10-04 20:47:44,071 DEBUG nolia.cms.security.RepositoryBackedSecurityManager: Role [superuser] does not exist in the ROLES repository 2013-10-04 20:47:44,071 DEBUG nolia.cms.security.RepositoryBackedSecurityManager: Role [superuser] does not exist in the ROLES repository 2013-10-04 20:47:44,071 DEBUG nolia.cms.security.RepositoryBackedSecurityManager: Role [superuser] does not exist in the ROLES repository [/code] This I dont understand even more, because both demo-project-publishers and superuser exist. And demo-project-publishers was requested with addGroup not add addRole, but that's probably just error in output messsage. Am I missing something? To create and manipulate user I am using UserManager the same way as it is in JCRAuthenticationModule: [code] SecuritySupport.Factory.getInstance().getUserManager(realm.getName()); [/code] -- Context is everything: http://forum.magnolia-cms.com/forum/thread.html?threadId=8a808b5f-a23d-4fad-8ceb-88591de5990b ---------------------------------------------------------------- For list details, see http://www.magnolia-cms.com/community/mailing-lists.html Alternatively, use our forums: http://forum.magnolia-cms.com/ To unsubscribe, E-mail to: <[email protected]> ---------------------------------------------------------------- ---------------------------------------------------------------- For list details, see http://www.magnolia-cms.com/community/mailing-lists.html Alternatively, use our forums: http://forum.magnolia-cms.com/ To unsubscribe, E-mail to: <[email protected]> ----------------------------------------------------------------
