uPortal
  1. uPortal
  2. UP-2988

Group/Role mappings from portlet.xml not working correctly

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Cannot Reproduce
    • Affects Version/s: 3.2.4
    • Fix Version/s: None
    • Component/s: Groups, Portlet Container
    • Labels:
      None

      Description

      We are working on a portlet and need to check a role from PAGS. We followed the docs here:
      https://wiki.jasig.org/display/UPM32/Consuming+uPortal+Groups+as+Roles

      but cannot get the mapping to work.

      1. In portlet.xml, we have the following after portlet tag
      <security-role-ref>
      <role-name>xxxAdmin</role-name>
      <role-link>pags.all_users</role-link>
      </security-role-ref>

      2. Inside PAGSGroupStoreConfig.xml located at ...\uportal-impl\src\main\resources\properties\groups, we defined the group keys, eg:
      <group-key>all_users</group-key>
      ...
      <group-key>anu_student</group-key>
      ...
      <group-key>anu_staff</group-key>

      3. In the portlet class, we used the following code to check
      boolean isAdmin = request.isUserInRole("xxxAdmin");

      It seems the returned Boolean is always False.

      ------------------------------------------------------------------------------------------------------------
      On 29/04/2011, at 12:17 PM, Eric Dalquist wrote:

      Just as a test can you try doing:

      boolean isAdmin = request.isUserInRole("pags.all_users");

      I'm wondering if the role-mapping logic isn't working right.

      -Eric

      ------------------------------------------------------------------------------------------------------------
      On 29/04/2011, at 12:23 PM, Chao Jiang wrote:

      Thanks a lot, it works fine,

      Do I need to setup the mapping somewhere in XML or there is mapping issue with uPortal?

      Regards
      Chao

      ------------------------------------------------------------------------------------------------------------
      On 29/04/2011, at 12:48 PM, Eric Dalquist wrote:

      My guess is there is a mapping issue in uPortal. There is a request wrapper that gets added in the request processing chain that does the group resolution for portlets and I'm wondering if it isn't looking at the mapping correctly. I don't have the code handy right now but I'll try to take a look tomorrow morning.

      -Eric

        Activity

        Hide
        Steve Swinsburg added a comment -

        It looks like I was thrown a red herring on this one, everything is working fine. Local groups, PAGs groups, and either using the mapping name or the group directly all works fine.

        For example:

        <security-role-ref>
        <role-name>pagsTest1</role-name>
        <role-link>pags.anu_student</role-link>
        </security-role-ref>

        <security-role-ref>
        <role-name>pagsTest2</role-name>
        <role-link>ANU Student</role-link>
        </security-role-ref>

        <security-role-ref>
        <role-name>localTest1</role-name>
        <role-link>Portal Developers</role-link>
        </security-role-ref>

        request.isUserInRole("pagsTest1");
        request.isUserInRole("pagsTest2");
        request.isUserInRole("localTest1");
        request.isUserInRole("pags.anu_student");
        request.isUserInRole("ANU Student");
        request.isUserInRole("Portal Developers");

        This all works as expected.

        I believe the role mappings may not have been put within the <portlet> tags previously. But all is well. I'll close this off.

        Show
        Steve Swinsburg added a comment - It looks like I was thrown a red herring on this one, everything is working fine. Local groups, PAGs groups, and either using the mapping name or the group directly all works fine. For example: <security-role-ref> <role-name>pagsTest1</role-name> <role-link>pags.anu_student</role-link> </security-role-ref> <security-role-ref> <role-name>pagsTest2</role-name> <role-link>ANU Student</role-link> </security-role-ref> <security-role-ref> <role-name>localTest1</role-name> <role-link>Portal Developers</role-link> </security-role-ref> request.isUserInRole("pagsTest1"); request.isUserInRole("pagsTest2"); request.isUserInRole("localTest1"); request.isUserInRole("pags.anu_student"); request.isUserInRole("ANU Student"); request.isUserInRole("Portal Developers"); This all works as expected. I believe the role mappings may not have been put within the <portlet> tags previously. But all is well. I'll close this off.

          People

          • Assignee:
            Unassigned
            Reporter:
            Steve Swinsburg
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: