JON 2.4 LDAP group authorization not working for new users
Issue
- I am trying to create roles that connect to our LDAP groups.
- I have been able to connect to LDAP successfully, create a new Role, and search for and assign an existing LDAP group to it under the "Assigned LDAP Groups" section of the role.
- However, when I log in as someone who is in that group, I do not have permission to see anything and the user is not automatically added to the "Assigned Users" section of the JON Role.
- I receive this error in the log:

2010-08-30 11:17:15,222 DEBUG [org.rhq.enterprise.server.authz.RequiredPermissionsInterceptor] Interceptor detected a permission exception
org.rhq.enterprise.server.authz.PermissionException: Subject [systal] is not authorized for [MANAGE_INVENTORY]: invocation: method=public java.util.Map<org.rhq.core.domain.resource.Resource, java.util.List<org.rhq.core.domain.resource.Resource>> org.rhq.enterprise.server.discovery.DiscoveryBossBean.getQueuedPlatformsAndServers(org.rhq.core.domain.auth.Subject,org.rhq.core.domain.util.PageControl),context-data={}
    at org.rhq.enterprise.server.authz.RequiredPermissionsInterceptor.buildPermissionException(RequiredPermissionsInterceptor.java:164)
Environment
- JBoss Operations Network(JON) 2.4.0
- LDAP Authentication and Authorization
