[MGNLSSO-13] External User does not get assigned sub-groups in Magnolia Created: 30/Oct/19 Updated: 30/Oct/19 Resolved: 30/Oct/19 |
|
| Status: | Closed |
| Project: | Single Sign On |
| Component/s: | None |
| Affects Version/s: | 2.2 Incubator |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Major |
| Reporter: | Martin Schmid | Assignee: | Lars Fischer |
| Resolution: | Duplicate | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | 1h | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | 1h | ||
| Environment: |
Magnolia 6.1.2 DX Core / OpenJDK 11 / TC 9.0.44 |
||
| Template: |
|
| Patch included: |
Yes
|
| Acceptance criteria: |
Empty
|
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
| Date of First Response: |
| Description |
|
During external user login process, the SSOConnectorUserManager only maps the direct group names. In Magnolia, a group can have sub groups. In version 2.2 Snaphot, these groups are not resolved. In the "validateGroups()" method, the transitive groups are present and can be added: ...if (group != null) { |
| Comments |
| Comment by Lars Fischer [ 30/Oct/19 ] |
|
This is a general limitation of the external user classes (methods are not implemented). But for the SSO Connector this has already been fixed, see https://jira.magnolia-cms.com/browse/MGNLSSO-5. |
| Comment by Martin Schmid [ 30/Oct/19 ] |
|
nice, thank you @lfischer |