Hi Megala,
If you have found out the issue and solution. Please do the necessary
change and do a round of testing. If everything works as expected please
send a pull request to the carbon kernel.
@Kernal Team How we can get the this released for the EMM 2.2.0 release ?
Thanks and Best Regards,
Kamidu Sachith Punchihewa
*Software Engineer*
WSO2, Inc.
lean . enterprise . middleware
Mobile : +94 (0) 770566749 <%2B94%20%280%29%20773%20451194>
Disclaimer: This communication may contain privileged or other confidential
information and is intended exclusively for the addressee/s. If you are not
the intended recipient/s, or believe that you may have received this
communication in error, please reply to the sender indicating that fact and
delete the copy you received and in addition, you should not print, copy,
retransmit, disseminate, or otherwise use the information contained in this
communication. Internet communications cannot be guaranteed to be timely,
secure, error or virus-free. The sender does not accept liability for any
errors or omissions.
On Wed, Oct 19, 2016 at 11:07 AM, Megala Uthayakumar <meg...@wso2.com>
wrote:
> Hi All,
>
> I am working on a jira [1] which is related with an exception that is
> thrown when trying to add a user/role in tenant mode using EMM console.
> This is particularly happens when we call the admin service to get the
> secondary user store configurations related to particular tenant [2].
> Following is the root cause behind this exception,
>
> *Caused by: java.lang.SecurityException: Illegal access attempt to cache ]
> owned by tenant*
> *{[test.com <http://test.com>],[1]} by tenant {[test.com
> <http://test.com>],[-1234]}*
>
> When trying to access the cache, the caller's tenant id has changed to
> super-tenant id, although tenant domain is correct. I tried to start the
> tenant flow before calling the admin service, but still I got the same
> error. While debugging I found, [3] is the point where the tenant domain is
> set to correct domain, while the tenant id still set to super-tenant id.
> Locally I changed that particular line as per below,
>
> PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(
> userTenantDomain,*true*);
>
> After that I could get the secondary user-store configurations related to
> that particular tenant. Is this a bug from carbon-level or is there any
> work-around to avoid this? Any comments or suggestions on this regard is
> highly appreciated.
>
> [1] https://wso2.org/jira/browse/EMM-1762
> [2] https://github.com/wso2/carbon-device-mgt/blob/master/
> components/device-mgt/org.wso2.carbon.device.mgt.ui/src/
> main/resources/jaggeryapps/devicemgt/app/modules/
> business-controllers/user.js#L607
> [3] https://github.com/wso2/carbon-kernel/blob/v4.4.9/
> core/org.wso2.carbon.server.admin/src/main/java/org/wso2/
> carbon/server/admin/module/handler/AuthenticationHandler.java#L93
>
> Thanks.
>
> Regards,
> Megala
> --
> Megala Uthayakumar
>
> Software Engineer
> Mobile : 0779967122
>
> _______________________________________________
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
