JON 2.4 LDAP group authorization not working for new users

Solution Verified - Updated -

Issue

  • I am trying to create roles that connect to our LDAP groups.

  • I have been able to connect to LDAP successfully, create a new Role, and search for and assign an existing LDAP group to it under the "Assigned LDAP Groups" section of the role.

  • However, when I log in as someone who is in that group, I do not have permission to see anything and the user is not automatically added to the "Assigned Users" section of the JON Role.
  • I receive this error in the log:

    2010-08-30 11:17:15,222 DEBUG [org.rhq.enterprise.server.authz.RequiredPermissionsInterceptor] Interceptor detected a permission exception
    org.rhq.enterprise.server.authz.PermissionException: Subject [systal] is not authorized for [MANAGE_INVENTORY]: invocation: method=public java.util.Map<org.rhq.core.domain.resource.Resource, java.util.List<org.rhq.core.domain.resource.Resource>> org.rhq.enterprise.server.discovery.DiscoveryBossBean.getQueuedPlatformsAndServers(org.rhq.core.domain.auth.Subject,org.rhq.core.domain.util.PageControl),context-data={}
            at org.rhq.enterprise.server.authz.RequiredPermissionsInterceptor.buildPermissionException(RequiredPermissionsInterceptor.java:164)

Environment

  • JBoss Operations Network(JON) 2.4.0
  • LDAP Authentication and Authorization
