Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-5386

Policy editor doesn't always use realm-specific REST endpoints

    Details

    • Support Ticket IDs:

      Description

      To reproduce:

      • Create a subrealm with a datastore different from the datastore in the top realm, let's call it realmB
      • Create a group in realmB, called groupB
      • Create a referral to realmB for a resource called resourceB
      • Create a Policy in realmB for resourceB
      • Add a subject condition; groupB is not displayed in the menu and can not be typed in and saved

      Workaround:

      • Create a dummy group in top realm: mydummygroup
      • Create a policy in realmB with subject group mydummygroup
      • Export all policies from realmB
      • In the export look for occurrences of mydummygroup; you should find outputs such as: id=mydummygroup,ou=group,dc=openam,dc=forgerock,dc=org
      • Replace the occurrences by
        id=groupB,ou=group,o=realmB,dc=openam,dc=forgerock,dc=org
      • Delete the old policies from realmB
      • Import the policies from the modified file

        Attachments

          Activity

            People

            • Assignee:
              peter.major Peter Major [X] (Inactive)
              Reporter:
              nathalie.hoet Nathalie Hoet
              QA Assignee:
              Alex Walker [X] (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: