-
1. Re: Relationship User - Role LDAP not working
xardas008 May 8, 2015 9:27 AM (in response to xardas008)Another thing I found out is, that the Grant mapping isn't called, either the ctor nor the setters of the Grant.class are called to set either the assignee nor the role.
-
2. Re: Relationship User - Role LDAP not working
csetera Aug 17, 2015 5:46 PM (in response to xardas008)Daniel,
I'm not sure if you've found an answer to your problem, but I believe I had the same problem and was just able to resolve it. For you or anyone else that may stumble over this question, I thought I would offer up my solution to the problem. In my case, I started with the Quickstart that splits credentials (LDAP) and relationships (JPA). I am using the simple/sample JPA entities for the storage. I am attempting to store Roles in JPA and grant those roles to Users (LDAP) and it was failing to properly link things together.
After a lot of time in the code, I figured out that it was trying to find the User within the JPA store despite the fact that it was located in LDAP. The crux of the problem seemed to be the use of the RelationshipIdentityTypeEntity from the sample entities which was relating the entities via a database relationship. While stepping through the code, I noticed that there was the ability to use a String-based mapping for the identifier rather than a direct object-to-object mapping in JPA. I added a new JPA entity to my application that replaced the JPA relationship with a simple String attribute and used that instead of RelationshipIdentityTypeEntity. The guts of entity class look like the following:
@Entity public class RelationshipIdentityTypeViaIdentifierEntity implements Serializable { private static final long serialVersionUID = -3619372498444894118L; @Id @GeneratedValue private Long identifier; @RelationshipDescriptor private String descriptor; @RelationshipMember private String identityTypeIdentifier; @OwnerReference @ManyToOne private RelationshipTypeEntity owner;
With this entity in place, my Role grants seem to be working as I would expect.
Craig