Details
- Fix
- Status: Released
- Minor
- Resolution: Fixed
- 1.11.4
- None
Description
Current Situation
When LDAP authentication is configured with a mapping of LDAP groups to roles - for example:
sos : it_operator, \
apl : administrator|application_manager
and a new shiro.ini user account is added in the Manage Accounts view, then the ":" characters will be replaced with "=" signs when the shiro.ini file is saved with the new account.
When a shiro or LDAP user then attempts to log in, an error will occur such as:
2017-11-07 14:25:31,995 ERROR qtp1347137144-21 c.s.j.c.JOCDefaultResponse - org.apache.shiro.config.ConfigurationException: Map property value [sos = it_operator, apl = administrator|application_manager] contained key-value pair token [sos = it_operator] that does not properly split to a single key and pair. This must be the case for all map entries.
All further user authentication will then be blocked until the shiro.ini file is corrected.
Desired Behaviour
It should be possible to use the \ to concatenate lines for the value of the attribute .groupRolesMapping in the section [main]. When the \ syntax is used in other sections or for other attributes, it will not be recognized by the Account Management System in JOC.
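A check that would catch the corrupted mapping before a saved shiro.ini blocks logins, as an added example that is not JOC Cockpit or Shiro code: it joins the \ continuation lines in [main] and reports every .groupRolesMapping entry that does not split into one group and one role list on ":". The realm name ldapRealm, the [users] entry and both function names are constructed for the example; the "," and ":" separators are taken from the mapping shown in the description.

```python
import re

# Constructed sample: a [main] section as described in the issue. The realm
# name "ldapRealm" is an assumption; the page only shows ".groupRolesMapping".
GOOD_INI = """[main]
ldapRealm.groupRolesMapping = \\
  sos : it_operator, \\
  apl : administrator|application_manager
[users]
root = secret, administrator
"""
# The same file after the faulty save replaced ":" with "=" in the mapping.
BAD_INI = GOOD_INI.replace(" : ", " = ")

def main_properties(ini_text):
    """Return {key: value} for [main], joining lines that end in a backslash."""
    props, section, pending = {}, None, ""
    for raw in ini_text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith("\\"):
            pending = line[:-1]          # continuation: keep accumulating
            continue
        if not line or line.startswith("#"):
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            section = header.group(1).strip()
        elif section == "main" and "=" in line:
            key, value = line.split("=", 1)   # first "=" ends the key
            props[key.strip()] = value.strip()
    return props

def bad_mapping_tokens(ini_text):
    """List groupRolesMapping entries that are not exactly 'group : roles'."""
    bad = []
    for key, value in main_properties(ini_text).items():
        if not key.endswith(".groupRolesMapping"):
            continue
        for token in (t.strip() for t in value.split(",")):
            parts = [p.strip() for p in token.split(":")]
            if len(parts) != 2 or not all(parts):
                bad.append(token)
    return bad
```

Run against the file that is about to be written, an empty result means the mapping is intact; for the corrupted sample the first reported token is the same `sos = it_operator` that appears in the logged ConfigurationException.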