identityManager.grantRole() not persisting to database on GlassFish
fsommavilla Feb 13, 2009 1:33 PM
Hi,
I'm trying to implement authentication with Identity Management. I am able to create users and grant them any roles. But when I update users, the grantRole and revokeRole methods won't persist roles to the database, but return true anyway.
I was expecting the following insert at the end of IdentityManager.grantRole():
insert into crm.user_role (user_account_id, role_id) values (?, ?)
The piece of code that is supposed to grant the role is the following:
final List<String> grantedRoles = identityManager.getGrantedRoles(userAccount.getUsername());
new RunAsOperation() {
    public void execute() {
        // Revoke roles the user holds that are no longer in the selected list
        boolean revoked = false; // holds the result of the last revokeRole call only
        if (grantedRoles != null) {
            for (String role : grantedRoles) {
                if (!roles.contains(role)) {
                    revoked = identityManager.revokeRole(userAccount.getUsername(), role);
                }
            }
        }
        // Grant selected roles the user does not hold yet
        boolean granted = false; // holds the result of the last grantRole call only
        for (String role : roles) {
            if (grantedRoles == null || !grantedRoles.contains(role)) {
                granted = identityManager.grantRole(userAccount.getUsername(), role);
            }
        }
        log.info("REVOKED " + revoked);
        log.info("GRANTED " + granted);
        if (active.equals("active")) {
            identityManager.enableUser(username);
        } else {
            identityManager.disableUser(username);
        }
    }
}.addRole("admin").run();
I've searched this forum to find any tips for my problem. The only topic I've found is this one:
Here
I've tried all the solutions discussed in it, but with no results.
I've tried adding an annotation to my UserAccount getRoles method like this:
@ManyToMany(targetEntity = Role.class,cascade=CascadeType.ALL)
Also, I already have this property set in my persistence.xml file:
<property name="hibernate.transaction.flush_before_completion" value="true"/>
I was asking myself: if I can add users and roles with identityManager.createUser() and identityManager.grantRole(), the update of users should work the same way!
Can someone help me figure this out?
My UserAccount and Role classes are defined as follows:
@Entity
@Name("userAccount")
@Table(name = "user_account", catalog = "crm",
       uniqueConstraints = @UniqueConstraint(columnNames = "username"))
public class UserAccount implements Serializable {
    private Integer id;
    private User user;
    private String username;
    private String password;
    private String firstname;
    private String lastname;
    private boolean enabled;
    private Set<Role> roles = new HashSet<Role>(0);
    ...
    @NotNull
    @UserPrincipal
    public String getUsername() { return this.username; }
    public void setUsername(String username) { this.username = username; }

    // The stored password is hashed with MD5, a fast hash that is weak for password storage
    @UserPassword(hash = "MD5")
    public String getPassword() { return this.password; }
    public void setPassword(String password) { this.password = password; }

    // Role membership lives in the crm.user_role join table
    @UserRoles
    @ManyToMany(targetEntity = Role.class)
    @JoinTable(name = "user_role", catalog = "crm",
               joinColumns = @JoinColumn(name = "user_account_id"),
               inverseJoinColumns = @JoinColumn(name = "role_id"))
    public Set<Role> getRoles() { return roles; }
    public void setRoles(Set<Role> roles) { this.roles = roles; }
}

@Entity
@Name("role")
@Table(name = "role", catalog = "crm",
       uniqueConstraints = @UniqueConstraint(columnNames = "name"))
public class Role implements Serializable {
    private Integer id;
    private String name;
    private boolean active;
    ...
    @RoleName
    public String getName() { return name; }
    public void setName(String name) { this.name = name; }
}
UserManagerAction is defined as follows:
@End
public String update() {
    boolean exist = userExistByUserAddId();
    if (exist) {
        UserAccountDAO userAccountDao = (UserAccountDAO) Component.getInstance(UserAccountDAO.class);
        UserRoleDAO userRoleDao = (UserRoleDAO) Component.getInstance(UserRoleDAO.class);
        final UserAccount userAccount = userAccountDao.getUserAccountByUser(userAdd);
        /* Add role */
        final List<String> grantedRoles = identityManager.getGrantedRoles(userAccount.getUsername());
        new RunAsOperation() {
            public void execute() {
                // Revoke roles the user holds that are no longer in the selected list
                boolean revoked = false; // holds the result of the last revokeRole call only
                if (grantedRoles != null) {
                    for (String role : grantedRoles) {
                        if (!roles.contains(role)) {
                            revoked = identityManager.revokeRole(userAccount.getUsername(), role);
                        }
                    }
                }
                // Grant selected roles the user does not hold yet
                boolean granted = false; // holds the result of the last grantRole call only
                for (String role : roles) {
                    if (grantedRoles == null || !grantedRoles.contains(role)) {
                        granted = identityManager.grantRole(userAccount.getUsername(), role);
                    }
                }
                log.info("REVOKED " + revoked);
                log.info("GRANTED " + granted);
                if (active.equals("active")) {
                    identityManager.enableUser(username);
                } else {
                    identityManager.disableUser(username);
                }
            }
        }.addRole("admin").run();
        /* End add role */
        facesMessages.add("Successfully update user with email " + userAdd.getEmail());
        return "accepted";
    } else {
        facesMessages.addToControl("user", "User " + userAdd.getEmail() + " does not exist");
    }
    return "refused";
}
I'm using Seam 2.1.1.GA, GlassFish v2ur2 and MySQL 5.
Thanks,
Fabrice
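
An added example, not part of the original post and not Seam code: because grantRole and revokeRole can report true while nothing reaches the database, a role update can be checked by re-reading the stored roles and comparing them with the wanted set, which also catches a revocation that silently left a privilege in place. `RoleStore`, `syncRoles` and the user `jdoe` are hypothetical names; the sketch assumes the second read is served from the database rather than from an unflushed persistence context.

```java
import java.util.*;

public class RoleSyncCheck {
    /** Hypothetical stand-in for the three IdentityManager calls used in the post. */
    interface RoleStore {
        List<String> getGrantedRoles(String username);
        boolean grantRole(String username, String role);
        boolean revokeRole(String username, String role);
    }

    static Set<String> toSet(List<String> roles) {
        return roles == null ? new HashSet<String>() : new HashSet<String>(roles);
    }

    /** Applies the wanted roles, then returns every role whose stored state still differs. */
    static Set<String> syncRoles(RoleStore store, String user, Set<String> wanted) {
        Set<String> current = toSet(store.getGrantedRoles(user));
        for (String role : current) {
            if (!wanted.contains(role)) store.revokeRole(user, role);
        }
        for (String role : wanted) {
            if (!current.contains(role)) store.grantRole(user, role);
        }
        // Do not trust the boolean results: re-read and compare with the wanted set.
        Set<String> stored = toSet(store.getGrantedRoles(user));
        Set<String> drift = new TreeSet<String>(wanted);
        drift.removeAll(stored);   // grants that did not stick
        stored.removeAll(wanted);  // revocations that did not stick
        drift.addAll(stored);
        return drift;
    }

    public static void main(String[] args) {
        // Constructed fake reproducing the symptom: reports success, stores nothing.
        final Set<String> row = new HashSet<String>(Arrays.asList("admin"));
        RoleStore silent = new RoleStore() {
            public List<String> getGrantedRoles(String u) { return new ArrayList<String>(row); }
            public boolean grantRole(String u, String r) { return true; }
            public boolean revokeRole(String u, String r) { return true; }
        };
        Set<String> wanted = new HashSet<String>(Arrays.asList("user"));
        Set<String> drift = syncRoles(silent, "jdoe", wanted);
        if (!drift.isEmpty()) {
            System.err.println("role changes not persisted: " + drift);
        }
    }
}
```

With the constructed store above, the drift set contains both `admin` (revocation not applied) and `user` (grant not applied).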