Uploaded image for project: 'Red Hat Process Automation Manager'
  1. Red Hat Process Automation Manager
  2. RHPAM-2981

Unable to access business-central after user containing dot(.) character changes role settings

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Critical
    • 7.8.1.GA
    • 7.7.1.GA
    • Business Central

    • RHPAM with LDAP (but the issue can be reproduced with default security configuration as well)

    • CR1
    • +
    • Hide

      1. Install RHPAM / business-central
      2. Create a user containing dot(.) character (eg. email address format):

      $ ./bin/add-user.sh -a -u 'mweiler@redhat.com' -p password1! -g user,admin,developer

      3. Start the server
      4. Log in with this user
      5. Navigate to 'Settings -> Roles'
      6. Apply a config change (eg. Page permissions for group 'developer') and save this change
      7. Log out and log in again, there is an error both in the UI and the console

      Show
      1. Install RHPAM / business-central 2. Create a user containing dot(.) character (eg. email address format): $ ./bin/add-user.sh -a -u 'mweiler@redhat.com' -p password1! -g user,admin,developer 3. Start the server 4. Log in with this user 5. Navigate to 'Settings -> Roles' 6. Apply a config change (eg. Page permissions for group 'developer') and save this change 7. Log out and log in again, there is an error both in the UI and the console
    • 2020 Week 22-24 (from May 25), 2020 Week 25-27 (from Jun 15), 2020 Week 28-30 (from Jul 6), 2020 Week 31-33 (from Jul 27)

    Description

      After changing the roles settings with a user containing the dot(.) character, the business-central UI is no longer accessible for any user, see attached screenshot. The console logs this error:

      12:28:53,821 ERROR [org.uberfire.backend.server.authz.AuthorizationPolicyVfsStorage] (default task-4) Authz policy file VFS read error: security-policy.properties: java.lang.IllegalArgumentException: Unknown key: group.mweiler@redhat.com.home
	at deployment.business-central.war//org.uberfire.backend.server.authz.AuthorizationPolicyMarshaller.read(AuthorizationPolicyMarshaller.java:203)
	at deployment.business-central.war//org.uberfire.backend.server.authz.AuthorizationPolicyMarshaller.read(AuthorizationPolicyMarshaller.java:143)
	at deployment.business-central.war//org.uberfire.backend.server.authz.AuthorizationPolicyMarshaller.lambda$read$1(AuthorizationPolicyMarshaller.java:100)
	at java.base/java.util.TreeMap.forEach(TreeMap.java:1002)

      Attachments

        Activity

          People

            r_anand Rishiraj Anand (Inactive)
            rhn-support-mputz Martin Weiler (Inactive)
            Barbora Siskova Barbora Siskova
            Barbora Siskova Barbora Siskova
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: