[
https://issues.apache.org/jira/browse/KARAF-5014?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17885414#comment-17885414
]
ASF GitHub Bot commented on KARAF-5014:
---------------------------------------
stataru8 commented on code in PR #1863:
URL: https://github.com/apache/karaf/pull/1863#discussion_r1778853618
##########
jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesBackingEngine.java:
##########
@@ -157,22 +159,37 @@ private List<RolePrincipal> listRoles(String name) {
return result;
}
+ private int getFirstRoleIndex(String name) {
+ if (name.trim().startsWith(PropertiesBackingEngine.GROUP_PREFIX)) {
+ return 0;
+ }
+ return 1;
+ }
+
@Override
public void addRole(String username, String role) {
String userInfos = users.get(username);
if (userInfos != null) {
- for (RolePrincipal rp : listRoles(username)) {
- if (role.equals(rp.getName())) {
- return;
+
+ // groups don't have password and empty should be ignored
Review Comment:
My original comment was a bit misleading, what I meant is:
- If a **user** info is empty, we shouldn't replace `""` by `role`, or else
`role` becomes the user's password.
- If a **group** info is empty, we should replace `""` by `role`.
> First role of group definition in users.properties missing
> -----------------------------------------------------------
>
> Key: KARAF-5014
> URL: https://issues.apache.org/jira/browse/KARAF-5014
> Project: Karaf
> Issue Type: Bug
> Components: karaf
> Affects Versions: 4.0.4
> Reporter: Andre Schlegel-Tylla
> Priority: Major
>
> The first role of an group got lost in role list:
> {code}
> bpcadmin = {CRYPT}...{CRYPT},bpcadmin,_g_\:zauberer,_g_\:masterdata
> _g_\:masterdata = VAM-administrator,VAM_organization_12001,wosinddieweiteren
> _g_\:zauberer=erstefehlt,abracadabra,simsalabim,sesamoeffnedich,hexhex
> {code}
> The roles "VAM-administrator" and "erstefehlt" are not listet on user
> "bpcadmin".
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
