identityManager.grantRole() not persisting to database on glassfish
fsommavilla Feb 13, 2009 1:33 PM
Hi,
I'm trying to implement authentication with Identity Management. I am able to create users and grant them any roles. But when I update users, the grantRole and revokeRole methods won't persist roles to the database, but return true anyway.
I was expecting the following insert at the end of IdentityManager.grantRole():
    insert into crm.user_role (user_account_id, role_id) values (?, ?)
The piece of code that is supposed to grant the role is the following:
    final List<String> grantedRoles = identityManager.getGrantedRoles(userAccount.getUsername());
    new RunAsOperation() {
        public void execute() {
            boolean revoked = false;
            if (grantedRoles != null) {
                for (String role : grantedRoles) {
                    if (!roles.contains(role)) {
                        revoked = identityManager.revokeRole(userAccount.getUsername(), role);
                    }
                }
            }
            boolean granted = false;
            for (String role : roles) {
                if (grantedRoles == null || !grantedRoles.contains(role)) {
                    granted = identityManager.grantRole(userAccount.getUsername(), role);
                }
            }
            log.info("REVOKED " + revoked);
            log.info("GANTED " + granted);
            if (active.equals("active")) {
                identityManager.enableUser(username);
            } else {
                identityManager.disableUser(username);
            }
        }
    }.addRole("admin").run();
I've searched this forum for any tips on my problem. The only topic I've found is this one:
Here
I've tried all the solutions discussed in it, but with no results.
I've tried adding an annotation to my UserAccount getRoles method like this:
    @ManyToMany(targetEntity = Role.class, cascade = CascadeType.ALL)
I also already have this property set in my persistence.xml file:
    <property name="hibernate.transaction.flush_before_completion" value="true"/>
I was asking myself: if I can add users and roles with identityManager.createUser() and identityManager.grantRole(), the update of users should work the same way!
Can someone help me figure this out?
My UserAccount and Role classes are defined as follows:
    @Entity
    @Name("userAccount")
    @Table(name = "user_account", catalog = "crm", uniqueConstraints = @UniqueConstraint(columnNames = "username"))
    public class UserAccount implements Serializable {
        private Integer id;
        private User user;
        private String username;
        private String password;
        private String firstname;
        private String lastname;
        private boolean enabled;
        private Set<Role> roles = new HashSet<Role>(0);
        ...
        @NotNull
        @UserPrincipal
        public String getUsername() {
            return this.username;
        }
        public void setUsername(String username) {
            this.username = username;
        }
        @UserPassword(hash = "MD5")
        public String getPassword() {
            return this.password;
        }
        public void setPassword(String password) {
            this.password = password;
        }
        @UserRoles
        @ManyToMany(targetEntity = Role.class)
        @JoinTable(name = "user_role", catalog = "crm",
            joinColumns = @JoinColumn(name = "user_account_id"),
            inverseJoinColumns = @JoinColumn(name = "role_id"))
        public Set<Role> getRoles() {
            return roles;
        }
        public void setRoles(Set<Role> roles) {
            this.roles = roles;
        }
    }

    @Entity
    @Name("role")
    @Table(name = "role", catalog = "crm", uniqueConstraints = @UniqueConstraint(columnNames = "name"))
    public class Role implements Serializable {
        private Integer id;
        private String name;
        private boolean active;
        ...
        @RoleName
        public String getName() {
            return name;
        }
        public void setName(String name) {
            this.name = name;
        }
    }

UserManagerAction is defined as follows:
    @End
    public String update() {
        boolean exist = userExistByUserAddId();
        if (exist) {
            UserAccountDAO userAccountDao = (UserAccountDAO) Component.getInstance(UserAccountDAO.class);
            UserRoleDAO userRoleDao = (UserRoleDAO) Component.getInstance(UserRoleDAO.class);
            final UserAccount userAccount = userAccountDao.getUserAccountByUser(userAdd);
            /* Add role */
            final List<String> grantedRoles = identityManager.getGrantedRoles(userAccount.getUsername());
            new RunAsOperation() {
                public void execute() {
                    boolean revoked = false;
                    if (grantedRoles != null) {
                        for (String role : grantedRoles) {
                            if (!roles.contains(role)) {
                                revoked = identityManager.revokeRole(userAccount.getUsername(), role);
                            }
                        }
                    }
                    boolean granted = false;
                    for (String role : roles) {
                        if (grantedRoles == null
                                || !grantedRoles.contains(role)) {
                            granted = identityManager.grantRole(userAccount.getUsername(), role);
                        }
                    }
                    log.info("REVOKED " + revoked);
                    log.info("GANTED " + granted);
                    if (active.equals("active")) {
                        identityManager.enableUser(username);
                    } else {
                        identityManager.disableUser(username);
                    }
                }
            }.addRole("admin").run();
            /* End add role */
            facesMessages.add("Successfully update user with email " + userAdd.getEmail());
            return "accepted";
        } else {
            facesMessages.addToControl("user", "User " + userAdd.getEmail() + " does not exist");
        }
        return "refused";
    }

I'm using Seam 2.1.1.GA, GlassFish v2ur2 and MySQL 5.
Thanks,
Fabrice