0 Replies Latest reply on Feb 13, 2009 1:33 PM by Fabrice Sommavilla

    identityManager.grantRole() not persisting to database on glassfish

    Fabrice Sommavilla Newbie

      Hi,
      I'm trying to implement authentication with Identity Management. I am able to create users and grant them any roles. But when I update users, the grantRole and revokeRole methods won't persist roles to the database, but return true anyway.


      I was expecting the following insert at the end of IdentityManager.grantRole(): 


      insert into crm.user_role (user_account_id, role_id) values (?, ?)



      The piece of code that is supposed to grant the role is the following:


      final List<String> grantedRoles = identityManager.getGrantedRoles(userAccount.getUsername());
      
      new RunAsOperation() {
           public void execute() {
                                         
                boolean revoked =false;
                if (grantedRoles != null) {
                     for (String role : grantedRoles) {
                          if (!roles.contains(role)) {
                               revoked = identityManager.revokeRole(userAccount.getUsername(), role);
                          }
                     }
                }
                boolean granted = false;
                for (String role : roles) {
                     if (grantedRoles == null || !grantedRoles.contains(role)) {
                          granted = identityManager.grantRole(userAccount.getUsername(), role);
      
                     }
                }
                               
                log.info("REVOKED " + revoked);
                log.info("GRANTED " + granted);
                               
                if(active.equals("active")){
                     identityManager.enableUser(username);     
                } else {
                     identityManager.disableUser(username);
                }
           }
                          
      }.addRole("admin").run();
      



      I've searched this forum for tips on my problem. The only topic I've found is this one:
      Here


      I've tried all the solutions discussed in it, but with no results.


      I've tried to add an annotation to my UserAccount getRoles method like this:


      @ManyToMany(targetEntity = Role.class,cascade=CascadeType.ALL)



      Also, I already have this property set in my persistence.xml file:


      <property name="hibernate.transaction.flush_before_completion" value="true"/>



      I was asking myself, if I can add users and roles with identityManager.createUser() and identityManager.grantRole(), the update of users should work the same way!


      Can someone help me figure this out?


      My UserAccount and Role classes are defined as follows:



      @Entity
      @Name("userAccount")
      @Table(name = "user_account", catalog = "crm", uniqueConstraints = @UniqueConstraint(columnNames = "username"))
      public class UserAccount implements Serializable {
      
          private Integer id;
          private User user;
          private String username;
          private String password;
          private String firstname;
          private String lastname;
          private boolean enabled;
          private Set<Role> roles = new HashSet<Role>(0);
      
          ...
      
          @NotNull
          @UserPrincipal
          public String getUsername() {
           return this.username;
          }
      
          public void setUsername(String username) {
           this.username = username;
          }
      
          @UserPassword(hash = "MD5")
          public String getPassword() {
           return this.password;
          }
      
          public void setPassword(String password) {
           this.password = password;
          }
      
          @UserRoles
          @ManyToMany(targetEntity = Role.class)
          @JoinTable(name = "user_role", catalog = "crm", 
                joinColumns = @JoinColumn(name = "user_account_id"), 
                inverseJoinColumns = @JoinColumn(name = "role_id"))
          public Set<Role> getRoles() {
              return roles;
          }
          public void setRoles(Set<Role> roles) {
              this.roles = roles;
          }
      }




      @Entity
      @Name("role")
      @Table(name = "role", catalog = "crm", uniqueConstraints = @UniqueConstraint(columnNames = "name"))
      public class Role implements Serializable {
      
         private Integer id;
         private String name;
         private boolean active;
      
          ...
      
          @RoleName
          public String getName() {
              return name;
          }
          public void setName(String name) {
              this.name = name;
          }
      }



      UserManagerAction is defined as follows:


      @End
      public String update() {
      
           boolean exist = userExistByUserAddId();
      
           if (exist) {
                UserAccountDAO userAccountDao = (UserAccountDAO) Component.getInstance(UserAccountDAO.class);
      
                UserRoleDAO userRoleDao = (UserRoleDAO) Component.getInstance(UserRoleDAO.class);
      
                final UserAccount userAccount = userAccountDao.getUserAccountByUser(userAdd);
      
                /* Add role */
                final List<String> grantedRoles = identityManager.getGrantedRoles(userAccount.getUsername());
      
                new RunAsOperation() {
                     public void execute() {
                               
                          boolean revoked =false;
                          if (grantedRoles != null) {
                               for (String role : grantedRoles) {
                                    if (!roles.contains(role)) {
                                         revoked = identityManager.revokeRole(userAccount.getUsername(), role);
                                    }
                               }
                          }
                          boolean granted = false;
                          for (String role : roles) {
                               if (grantedRoles == null
                                    || !grantedRoles.contains(role)) {
                                         granted = identityManager.grantRole(userAccount.getUsername(), role);
      
                               }
                          }
                               
                          log.info("REVOKED " + revoked);
                          log.info("GRANTED " + granted);
                               
                          if(active.equals("active")){
                               identityManager.enableUser(username);     
                          } else {
                               identityManager.disableUser(username);
                          }
                     }
                          
                }.addRole("admin").run();
                     
                /* End add role */
      
                facesMessages.add("Successfully update user with email " + userAdd.getEmail());
      
                return "accepted";
      
           } else {
                facesMessages.addToControl("user", "User " + userAdd.getEmail() + " does not exist");
           }
           return "refused";
      }



      I'm using Seam 2.1.1.GA, GlassFish v2ur2 and MySQL 5.


      Thanks,


      Fabrice
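
The symptom described in the post (grantRole() and revokeRole() return true while the user_role table stays unchanged) can be caught by re-reading the stored roles after the update instead of logging the last boolean. The following is an added example, not part of the original post and not Seam code: RoleStore is a hypothetical stand-in for the three IdentityManager calls the post uses, and the fake store and the user name "alice" are constructed for the demonstration.

```java
import java.util.*;

/** Added example: reconcile roles, then verify the stored result instead of trusting return values. */
public class RoleSync {
    /** Hypothetical stand-in for the three IdentityManager calls used in the post. */
    interface RoleStore {
        List<String> getGrantedRoles(String user);
        boolean grantRole(String user, String role);
        boolean revokeRole(String user, String role);
    }

    /** Applies the difference between current and wanted roles, then re-reads to confirm it. */
    static void sync(RoleStore store, String user, Set<String> wanted) {
        List<String> before = store.getGrantedRoles(user);
        Set<String> current = before == null ? new HashSet<>() : new HashSet<>(before);
        for (String role : current) {
            // Fail on the first refused call rather than keeping only the last result.
            if (!wanted.contains(role) && !store.revokeRole(user, role))
                throw new IllegalStateException("revokeRole refused: " + role);
        }
        for (String role : wanted) {
            if (!current.contains(role) && !store.grantRole(user, role))
                throw new IllegalStateException("grantRole refused: " + role);
        }
        // Re-read: a true return value does not prove the change was stored.
        List<String> after = store.getGrantedRoles(user);
        Set<String> stored = after == null ? new HashSet<>() : new HashSet<>(after);
        if (!stored.equals(wanted))
            throw new IllegalStateException("roles not persisted: wanted " + wanted + ", stored " + stored);
    }

    public static void main(String[] args) {
        // Constructed fake that reports success but never stores the change.
        RoleStore silent = new RoleStore() {
            public List<String> getGrantedRoles(String u) { return Arrays.asList("user"); }
            public boolean grantRole(String u, String r) { return true; }
            public boolean revokeRole(String u, String r) { return true; }
        };
        try {
            sync(silent, "alice", new HashSet<>(Arrays.asList("user", "admin")));
            System.out.println("roles in sync");
        } catch (IllegalStateException e) {
            System.out.println("detected: " + e.getMessage());
        }
    }
}
```

Against a JPA-backed store, run the re-read in a fresh persistence context or after the transaction has committed, because the same persistence context returns the in-memory collection whether or not it was flushed.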