[jira] [Resolved] (SYNCOPE-999) REST exception mapper overwrites Spring Security response
[
https://issues.apache.org/jira/browse/SYNCOPE-999?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Francesco Chicchiriccò resolved SYNCOPE-999.
Resolution: Fixed
> REST exception mapper overwrites Spring Security response
> -
>
> Key: SYNCOPE-999
> URL: https://issues.apache.org/jira/browse/SYNCOPE-999
> Project: Syncope
> Issue Type: Bug
> Components: client, core
>Affects Versions: 1.2.9, 2.0.1
>Reporter: Francesco Chicchiriccò
>Assignee: Francesco Chicchiriccò
> Fix For: 1.2.10, 2.0.2, 2.1.0
>
>
> CXF is configured with an exception mapper for {{java.lang.Exception}} which
> explicitly handles
> {{org.springframework.security.access.AccessDeniedException}}, thus
> overwriting the HTTP response produced by Spring Security.
> This is causing troubles with non-default Spring Security configurations.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (SYNCOPE-999) REST exception mapper overwrites Spring Security response
[
https://issues.apache.org/jira/browse/SYNCOPE-999?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15832111#comment-15832111
]
ASF subversion and git services commented on SYNCOPE-999:
-
Commit e36511ffdc6cb4c783b5882ad811ef651cffb3fe in syncope's branch
refs/heads/2_0_X from [~ilgrosso]
[ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=e36511f ]
[SYNCOPE-999] Adjusting Spring Security configuration and REST exception mapping
> REST exception mapper overwrites Spring Security response
> -
>
> Key: SYNCOPE-999
> URL: https://issues.apache.org/jira/browse/SYNCOPE-999
> Project: Syncope
> Issue Type: Bug
> Components: client, core
>Affects Versions: 1.2.9, 2.0.1
>Reporter: Francesco Chicchiriccò
>Assignee: Francesco Chicchiriccò
> Fix For: 1.2.10, 2.0.2, 2.1.0
>
>
> CXF is configured with an exception mapper for {{java.lang.Exception}} which
> explicitly handles
> {{org.springframework.security.access.AccessDeniedException}}, thus
> overwriting the HTTP response produced by Spring Security.
> This is causing troubles with non-default Spring Security configurations.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (SYNCOPE-999) REST exception mapper overwrites Spring Security response
[
https://issues.apache.org/jira/browse/SYNCOPE-999?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15832112#comment-15832112
]
ASF subversion and git services commented on SYNCOPE-999:
-
Commit e2567e459bc0eeb8065f0f2fcdcbd17ad4dcb0c3 in syncope's branch
refs/heads/master from [~ilgrosso]
[ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=e2567e4 ]
[SYNCOPE-999] Adjusting Spring Security configuration and REST exception mapping
> REST exception mapper overwrites Spring Security response
> -
>
> Key: SYNCOPE-999
> URL: https://issues.apache.org/jira/browse/SYNCOPE-999
> Project: Syncope
> Issue Type: Bug
> Components: client, core
>Affects Versions: 1.2.9, 2.0.1
>Reporter: Francesco Chicchiriccò
>Assignee: Francesco Chicchiriccò
> Fix For: 1.2.10, 2.0.2, 2.1.0
>
>
> CXF is configured with an exception mapper for {{java.lang.Exception}} which
> explicitly handles
> {{org.springframework.security.access.AccessDeniedException}}, thus
> overwriting the HTTP response produced by Spring Security.
> This is causing troubles with non-default Spring Security configurations.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (SYNCOPE-999) REST exception mapper overwrites Spring Security response
[
https://issues.apache.org/jira/browse/SYNCOPE-999?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15831998#comment-15831998
]
ASF subversion and git services commented on SYNCOPE-999:
-
Commit ecbff72b5aa6ea566540946a5e91e5d4e047c1df in syncope's branch
refs/heads/1_2_X from [~ilgrosso]
[ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=ecbff72 ]
[SYNCOPE-999] Adjusting Spring Security configuration and REST exception mapping
> REST exception mapper overwrites Spring Security response
> -
>
> Key: SYNCOPE-999
> URL: https://issues.apache.org/jira/browse/SYNCOPE-999
> Project: Syncope
> Issue Type: Bug
> Components: client, core
>Affects Versions: 1.2.9, 2.0.1
>Reporter: Francesco Chicchiriccò
>Assignee: Francesco Chicchiriccò
> Fix For: 1.2.10, 2.0.2, 2.1.0
>
>
> CXF is configured with an exception mapper for {{java.lang.Exception}} which
> explicitly handles
> {{org.springframework.security.access.AccessDeniedException}}, thus
> overwriting the HTTP response produced by Spring Security.
> This is causing troubles with non-default Spring Security configurations.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Created] (SYNCOPE-999) REST exception mapper overwrites Spring Security response
Francesco Chicchiriccò created SYNCOPE-999:
--
Summary: REST exception mapper overwrites Spring Security response
Key: SYNCOPE-999
URL: https://issues.apache.org/jira/browse/SYNCOPE-999
Project: Syncope
Issue Type: Bug
Components: client, core
Affects Versions: 2.0.1, 1.2.9
Reporter: Francesco Chicchiriccò
Assignee: Francesco Chicchiriccò
Fix For: 1.2.10, 2.0.2, 2.1.0
CXF is configured with an exception mapper for {{java.lang.Exception}} which
explicitly handles
{{org.springframework.security.access.AccessDeniedException}}, thus overwriting
the HTTP response produced by Spring Security.
This is causing troubles with non-default Spring Security configurations.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Assigned] (SYNCOPE-996) Replace Angular Bootstrap DateTimePicker with Kendo UI DateTimePicker
[ https://issues.apache.org/jira/browse/SYNCOPE-996?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Matteo Di Carlo reassigned SYNCOPE-996: --- Assignee: Matteo Di Carlo > Replace Angular Bootstrap DateTimePicker with Kendo UI DateTimePicker > - > > Key: SYNCOPE-996 > URL: https://issues.apache.org/jira/browse/SYNCOPE-996 > Project: Syncope > Issue Type: Improvement > Components: enduser >Affects Versions: 2.0.1 >Reporter: Matteo Di Carlo >Assignee: Matteo Di Carlo > Fix For: 2.0.2, 2.1.0 > > > Use Kendo UI DateTimePicker > (http://demos.telerik.com/kendo-ui/datetimepicker/angular) instead of > Bootstrap DateTimePicker. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (SYNCOPE-994) Character encoding not being respected
[ https://issues.apache.org/jira/browse/SYNCOPE-994?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15831586#comment-15831586 ] ASF subversion and git services commented on SYNCOPE-994: - Commit 1d91d1d0023c1a6c4ec3971e9a8f3f5c5e76f31e in syncope's branch refs/heads/2_0_X from [~mdicarlo] [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=1d91d1d ] [SYNCOPE-994] clean unused imports > Character encoding not being respected > -- > > Key: SYNCOPE-994 > URL: https://issues.apache.org/jira/browse/SYNCOPE-994 > Project: Syncope > Issue Type: Bug > Components: enduser >Affects Versions: 2.0.1 >Reporter: Matteo Di Carlo >Assignee: Matteo Di Carlo > Fix For: 2.0.2, 2.1.0 > > > Steps to reproduce the error: > Register a new user and fill the fullname field with a name containing a > accented vowel. > Edit the user just created: attribute fullname doesn't respect the encoding. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (SYNCOPE-994) Character encoding not being respected
[ https://issues.apache.org/jira/browse/SYNCOPE-994?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15831587#comment-15831587 ] ASF subversion and git services commented on SYNCOPE-994: - Commit ef65d83cf867044f0b859e8691728cefcd3f651f in syncope's branch refs/heads/master from [~mdicarlo] [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=ef65d83 ] [SYNCOPE-994] clean unused imports > Character encoding not being respected > -- > > Key: SYNCOPE-994 > URL: https://issues.apache.org/jira/browse/SYNCOPE-994 > Project: Syncope > Issue Type: Bug > Components: enduser >Affects Versions: 2.0.1 >Reporter: Matteo Di Carlo >Assignee: Matteo Di Carlo > Fix For: 2.0.2, 2.1.0 > > > Steps to reproduce the error: > Register a new user and fill the fullname field with a name containing a > accented vowel. > Edit the user just created: attribute fullname doesn't respect the encoding. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Resolved] (SYNCOPE-994) Character encoding not being respected
[ https://issues.apache.org/jira/browse/SYNCOPE-994?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Matteo Di Carlo resolved SYNCOPE-994. - Resolution: Fixed > Character encoding not being respected > -- > > Key: SYNCOPE-994 > URL: https://issues.apache.org/jira/browse/SYNCOPE-994 > Project: Syncope > Issue Type: Bug > Components: enduser >Affects Versions: 2.0.1 >Reporter: Matteo Di Carlo >Assignee: Matteo Di Carlo > Fix For: 2.0.2, 2.1.0 > > > Steps to reproduce the error: > Register a new user and fill the fullname field with a name containing a > accented vowel. > Edit the user just created: attribute fullname doesn't respect the encoding. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (SYNCOPE-994) Character encoding not being respected
[ https://issues.apache.org/jira/browse/SYNCOPE-994?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15831557#comment-15831557 ] ASF subversion and git services commented on SYNCOPE-994: - Commit 314f8364be9972a11e51d18c6efdcdf4b9091dc1 in syncope's branch refs/heads/2_0_X from [~mdicarlo] [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=314f836 ] [SYNCOPE-994] add encoding and content of wicket resources responses > Character encoding not being respected > -- > > Key: SYNCOPE-994 > URL: https://issues.apache.org/jira/browse/SYNCOPE-994 > Project: Syncope > Issue Type: Bug > Components: enduser >Affects Versions: 2.0.1 >Reporter: Matteo Di Carlo >Assignee: Matteo Di Carlo > Fix For: 2.0.2, 2.1.0 > > > Steps to reproduce the error: > Register a new user and fill the fullname field with a name containing a > accented vowel. > Edit the user just created: attribute fullname doesn't respect the encoding. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (SYNCOPE-994) Character encoding not being respected
[ https://issues.apache.org/jira/browse/SYNCOPE-994?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15831558#comment-15831558 ] ASF subversion and git services commented on SYNCOPE-994: - Commit f11b63cf9498d6259c7d8f58d54389cf2fa18edc in syncope's branch refs/heads/master from [~mdicarlo] [ https://git-wip-us.apache.org/repos/asf?p=syncope.git;h=f11b63c ] [SYNCOPE-994] add encoding and content of wicket resources responses > Character encoding not being respected > -- > > Key: SYNCOPE-994 > URL: https://issues.apache.org/jira/browse/SYNCOPE-994 > Project: Syncope > Issue Type: Bug > Components: enduser >Affects Versions: 2.0.1 >Reporter: Matteo Di Carlo >Assignee: Matteo Di Carlo > Fix For: 2.0.2, 2.1.0 > > > Steps to reproduce the error: > Register a new user and fill the fullname field with a name containing a > accented vowel. > Edit the user just created: attribute fullname doesn't respect the encoding. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
Re: [DISCUSS] - Support dynamic entitlements in Apache Syncope
Hi Colm, thanks for starting this discussion, it something that has been popping out several times in the past ([1][2][3][4][5] just to say some). With "dynamic entitlements", I think you are referring to privilege management, e.g. the ability to discover, define and map the rights that users own on external resources. I would not confuse this, however, with Syncope entitlements: starting with 2.0, in fact, we now finally have a stable mechanism for which entitlements are defined as constants in Java classes (and extensions might add their own, as shown by the Camel Provisioning Manager), with positive effects on code organization both for Core's Spring Security configuration and Admin Console's delegated administration. I think that privilege management is a great addition to Syncope; here are few items coming to my mind: 1. privileges must be represented as (JPA) entities, have their own TO, REST endpoint, Admin Console management, etc. (as all other entities) 2. privileges should be defined / discovered in external resource(s): resource R1 defines privileges P1, P2, P3; resource R2 defines privileges P4,P5; about discovery, ConnId does not provide (yet?) any primitive 3. privileges should be grouped somehow and finally assigned to users, but depend on each external resource 4. privileges are not really for users (in the way Syncope defines them) but rather for accounts, e.g. the mapped counterpart of a Syncope user onto a given external resource. I think we could take the chance to add both privilege management and multi-account management (see SYNCOPE-957): both features require in fact a new concept to be introduced in Syncope: accounts. Naturally, I don't see any chance to land all above in 2.0 (considerable changes involved, even for internal storage); it will be 2.1 at least. Regards. [1] https://lists.apache.org/thread.html/5e6936a1a9e7fef1f42e7e2261e5fd5dd3ab6aaee669cc82f16284c6@%3Cuser.syncope.apache.org%3E [2] https://lists.apache.org/thread.html/947d7261a242cb729aafb551b28fa9bad6c81c2e02eb6f2ec98b7a0a@1428995050@%3Cuser.syncope.apache.org%3E [3] https://lists.apache.org/thread.html/4662efa8948fc9bba944d8d85ddf902d6c900530ccf78d50df9adb90@1386320489@%3Cuser.syncope.apache.org%3E [4] https://lists.apache.org/thread.html/be01e1d26de4f7b9ce38026364566dc606496d19eba7e008efa227a0@1375945339@%3Cuser.syncope.apache.org%3E [5] https://lists.apache.org/thread.html/e4b5727f8506cdca10cf2a6e4332ed23e9c6f73679fa397bb277abe4@1367333293@%3Cuser.syncope.apache.org%3E On 19/01/2017 17:53, Colm O hEigeartaigh wrote: Hi all, I'd like to discuss the possibility of supporting dynamic entitlements in Apache Syncope. The goals being to explore if the Apache Syncope community feels that this is a good idea, and if so to try to break the various work items down and start creating JIRAs etc. Entitlements in Apache Syncope are currently statically defined and are used for internal authorization purposes only. The problem arises when you start considering things like integrating SCIM with Syncope, as the concepts of roles/entitlements in SCIM do not map naturally to groups in Syncope. So it would be great to be able to map roles/entitlements associated with users directly to the same concepts in Syncope. I don't know whether it might be desirable to have different types of entitlements, e.g. whether we want to maintain a separation between "internal" entitlements used for authorization in Syncope, and general entitlements meant for external consumption. The task would involve some UI work to be able to create entitlements. I'm not sure off-hand if we require REST changes, as we can get the entitlements of a User by getting the roles of the user, and then querying the entitlements associated with the role etc. Is it possible to associate roles with a group and then have members of that group inherit the entitlements? WDYT? Colm. -- Francesco Chicchiriccò Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail http://home.apache.org/~ilgrosso/
[jira] [Assigned] (SYNCOPE-779) Use Kendo UI Boostrap DateTimePicker
[ https://issues.apache.org/jira/browse/SYNCOPE-779?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Marco Di Sabatino Di Diodoro reassigned SYNCOPE-779: Assignee: Marco Di Sabatino Di Diodoro > Use Kendo UI Boostrap DateTimePicker > > > Key: SYNCOPE-779 > URL: https://issues.apache.org/jira/browse/SYNCOPE-779 > Project: Syncope > Issue Type: Improvement > Components: console >Reporter: Marco Di Sabatino Di Diodoro >Assignee: Marco Di Sabatino Di Diodoro >Priority: Minor > Fix For: 2.0.2, 2.1.0 > > > Replace actual Bootstrap DateTimePicker component (Wicket 7.2.0), that > doesn't support all java date formats (see SYNCOPE-730), with Kendo UI > DateTimePicker (http://demos.telerik.com/kendo-ui/datetimepicker/angular) -- This message was sent by Atlassian JIRA (v6.3.4#6332)
