[MGNLLDAP-117] Pulse requires re-login to display a publication request for LDAP user Created: 06/Nov/17  Updated: 11/May/18  Resolved: 12/Mar/18

Status: Closed
Project: LDAP Connector
Component/s: None
Affects Version/s: None
Fix Version/s: 1.10, 1.9.3

Type: Bug Priority: Major
Reporter: Ewa Snopczynska-Sienczylo Assignee: Milan Divilek
Resolution: Fixed Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: PNG File pic1.png     PNG File pic2.png     PNG File pic3-after_re-logging.png    
Issue Links:
dependency
relation
Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Bug DoR:
[ ]* Steps to reproduce, expected, and actual results filled
[ ]* Affected version filled
Date of First Response:
Sprint: Kromeriz 133, Kromeriz 135, Kromeriz 136, Kromeriz 137, Kromeriz 138
Story Points: 8

 Description   

An LDAP user doesn't see publication request in Pulse app even if he belongs to a group that have publishers group. And if he logout and re-login again, he will see the publication request.
I'm not 100% sure if the problem is on LDAP or Pulse side.
Please see linked cloud ticket for more details.

Steps
1.Login author instance as an Ldap user in the cloud with LDAP account
2.Go to Page app
3. Edit and publish any page
Expectation: A new publication request is displayed in Pulse app

Priority is quite high - it works ok for users created in Magnolia (currently majority of editors) but it will not work for users who are in LDAP (cockpit users that want to work on Magnolia instances, for example Owners , who will need to accept the publication requests)

Update:
If you "Abort" this task (after the first re-login and without clicking on "Assign to me") the number of the task will be still displayed there until you re-login again.



 Comments   
Comment by Bret Lederle [ 19/Dec/17 ]

Recently upgraded from 5.5.3 to 5.5.7 and am now experiencing this issue as all our users login with LDAP.

Comment by Ervin Vystup [ 20/Dec/17 ]

Hi esienczylo,

could you please specify on which version it occurs? Was that also on 5.5.7 how blederle mentioned?

Thank you in advance for the info

Comment by Ervin Vystup [ 20/Dec/17 ]

I was able to reproduce the issue on 5.5.7 and also found out one more strange thing. More info added to the description of the ticket.

Comment by Milan Divilek [ 05/Feb/18 ]

This issue is caused by wrong configuration in ldap/ad.properties. With correct ldap/ad.properties configuration pulse is correctly updated also for LDAP/AD users

There are two ways how user is resolved
1. We know user name -> info.magnolia.cms.security.UserManager#getUser(String userName) method is used

This method is used when user is logging into Magnolia and is also used for initialization of pulse and pulse counter after login. Configuration for this part is ok.

2. We know group name -> info.magnolia.cms.security.UserManager#getUsersWithGroup(String groupName)

This is used for update pulse and pulse counter and this doesn't work correctly. Most often caused by missing groupMembershipAttribute property in ldap/ad.properties file

Comment by Bret Lederle [ 05/Feb/18 ]

I just verified that I have the groupMembershipAttribute. I was able to find something else that explained this behavior. For an AD username that is BR1234, I can successfully login to Magnolia as 'br1234' and 'BR1234'. When logging in with lowercase, I do not get pulse notifications. And when logging in with the letters in CAPS, I do get the notifications. I feel that if i can successfully login with either, then the notifications should show up with either.

Comment by Milan Divilek [ 06/Feb/18 ]

Hi Bret,
thanks for catching that, it's definitely incorrect behaviour and needs to be fixed. Reopening issue.

Comment by Bret Lederle [ 06/Feb/18 ]

Great, thanks. Let me know if you need me to test anything or provide more details.

Generated at Mon Feb 12 02:21:43 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.