Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-2596

ssoadm show-privileges result misleading if no identity with given type exists

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: Snapshot9.5.1, Snapshot9.5.2, 9.5.3, 9.5.4, 9.5.5, 10.0.0, 10.0.1, 10.1.0-Xpress
    • Fix Version/s: 10.0.2, 11.0.0
    • Component/s: CLI
    • Environment:
    • Rank:
      1|hznyfz:

      Description

      Create 'serviceuser', 'servicegroup' in embedded data store via ldapmodify
      Add 'serviceuser' to 'servicegroup' via ldapmodify
      Assign ALL privileges to 'servicegroup' via OpenAM console

      run ssoadm for type 'Group'

      ssoadm show-privileges -u amadmin -f PASSWORDFILE -e / -i 'servicegroup' -t Group

      shows correct output ...

      LogWrite
      PrivilegeRestAccess
      EntitlementRestAccess
      RealmAdmin
      LogRead
      AgentAdmin
      FederationAdmin
      LogAdmin
      PolicyAdmin
      PrivilegeRestReadAccess

      run ssoadm for type 'Role'

      ssoadm show-privileges -u amadmin -f PASSWORDFILE -e / -i restservice1 -t Role

      shows misleading output ...

      There were no privileges.

      There should be some output like

      'Identity type not supported by datastores'

      or

      'No identity with given type found'

        Attachments

          Activity

            People

            Assignee:
            peter.major Peter Major [X] (Inactive)
            Reporter:
            bthalmayr Bernhard Thalmayr
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: