[jira] [Commented] (KARAF-5014) First role of group definition in users.properties missing

Fri, 27 Sep 2024 05:22:32 -0700 


    [ 
https://issues.apache.org/jira/browse/KARAF-5014?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17885348#comment-17885348
 ] 

ASF GitHub Bot commented on KARAF-5014:
---------------------------------------

jbonofre commented on code in PR #1863:
URL: https://github.com/apache/karaf/pull/1863#discussion_r1778528917


##########
jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesBackingEngine.java:
##########
@@ -52,14 +52,13 @@ public void addUser(String username, String password) {
         if (username.startsWith(GROUP_PREFIX))
             throw new IllegalArgumentException("Prefix not permitted: " + 
GROUP_PREFIX);
 
-        addUserInternal(username, password);
+        addUserInternal(username, encryptionSupport.encrypt(password));

Review Comment:
   Why forcing encryption here ? It's an optional feature.



##########
jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesBackingEngine.java:
##########
@@ -157,22 +159,37 @@ private List<RolePrincipal> listRoles(String name) {
         return result;
     }
 
+    private int getFirstRoleIndex(String name) {
+        if (name.trim().startsWith(PropertiesBackingEngine.GROUP_PREFIX)) {
+            return 0;
+        }
+        return 1;
+    }
+
     @Override
     public void addRole(String username, String role) {
         String userInfos = users.get(username);
         if (userInfos != null) {
-            for (RolePrincipal rp : listRoles(username)) {
-                if (role.equals(rp.getName())) {
-                    return; 
+
+            // groups don't have password and empty should be ignored

Review Comment:
   A group can be empty (no role, no group, no user).





> First role of group definition in users.properties missing 
> -----------------------------------------------------------
>
>                 Key: KARAF-5014
>                 URL: https://issues.apache.org/jira/browse/KARAF-5014
>             Project: Karaf
>          Issue Type: Bug
>          Components: karaf
>    Affects Versions: 4.0.4
>            Reporter: Andre Schlegel-Tylla
>            Priority: Major
>
> The first role of an group got lost in role list:
> {code}
> bpcadmin = {CRYPT}...{CRYPT},bpcadmin,_g_\:zauberer,_g_\:masterdata
> _g_\:masterdata = VAM-administrator,VAM_organization_12001,wosinddieweiteren
> _g_\:zauberer=erstefehlt,abracadabra,simsalabim,sesamoeffnedich,hexhex
> {code}
> The roles "VAM-administrator" and "erstefehlt" are not listet on user 
> "bpcadmin".



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to