grouper-users - [grouper-users] RE: Grouper Shell and AddSubject
Subject: Grouper Users - Open Discussion List
List archive
- From: "Hyzer, Chris" <>
- To: "Black, Carey M." <>, "Crawford, Jeffrey" <>, Grouper-Users <>
- Subject: [grouper-users] RE: Grouper Shell and AddSubject
- Date: Thu, 6 Dec 2018 12:35:27 +0000
- Accept-language: en-US
- Authentication-results: spf=none (sender IP is ) ;
- Ironport-phdr: 9a23:xXftDRHhSZpqYkOVMwx38Z1GYnF86YWxBRYc798ds5kLTJ76p8q5bnLW6fgltlLVR4KTs6sC17KG9fi4EUU7or+5+EgYd5JNUxJXwe43pCcHRPC/NEvgMfTxZDY7FskRHHVs/nW8LFQHUJ2mPw6arXK99yMdFQviPgRpOOv1BpTSj8Oq3Oyu5pHfeQpFiCa+bL9oMBm6sRjau9ULj4dlNqs/0AbCrGFSe+RRy2NoJFaTkAj568yt4pNt8Dletuw4+cJYXqr0Y6o3TbpDDDQ7KG81/9HktQPCTQSU+HQRVHgdnwdSDAjE6BH6WYrxsjf/u+Fg1iSWIdH6QLYpUjm58axlVAHnhzsGNz4h8WHYlMpwjL5AoBm8oxBz2pPYbJ2JOPZ7eK7WYNEUSndbXstJVyJPHJ6yb5cBAeQCM+ZXrYj9qEcBohalHwagGP/jxyVUinPq36A31fkqHwHc3AwnGtIDqHrYotf1NaYTT++11rHExijdYvNWwzf96ZPIfh48qvyLWLJ/bcrRyEkuFgzblFWdso3lPyiJ2egXrmib9/RvVeSpi2I9tQ5+vyWvy94qh4LUiIwVzVXE+j94wIYzPdC4R1R7Ydm5EJtIqS6aLZF6Tdk6Q2FwoCo6zroGuZG0fCcU1Zsr3R/fa/qBfoOV4RzjTP6cLSpkiH9qYr6yiBS//VKvx+HiTMW50FRHojJYntTCqnwBzRje5tWdRvdj40us3SyD2x3R5+xFOUw0m7TUJp09zrM1k5cev0vOETPtl0jzl6CaaFko9fSt5unlfLnquIOQOopphgz+MKkhgcqyCvkiPAcURWiU4+G82aXj/ULnRLVKieU7nLHFvZ7dOcgWqLe1DhJX3Yo98hq/CCyp38oCkXkAMVJFZAmIj4/0O1HIPf/0F++/g06rkDd32f/JIqHhApTKLnjFirvheqt961JYyAo0ytBf5IhYBa0GIPL2QkPxtdrYAQElMwGs3urrFNpw2pkRVG+NGKOUP73evUWI6+8tO+WMYZUauDf5K/gr/f7uino5lEcYfaa13ZsWaHG5Eep8I0iCYHrsmcsOHX0XvgomUuPqjluCXSRNaHmvQqIw/is7B56+DYffWoCth6SM3CihHp1Re2BGEk6DEW3xe4WZQPcDdjiSItR6nzwAVLihUJMh1QqwuAPgyrpnKPbU9TMCtZLlytd1+/PfmQss+jNpEsTOm12KGitemmoDRHt+96llrF017xHJmfxyh/VTFpoKvahhVRwnc5PQ0ro+Q5rZQAvecNCTRBLuYNioDys8X5h5l90FeU9iFdK4gjjCw2y3CLsc0bGHGcpwuo3G2GXpKtw49m3LzrJp21Y8RdZXOHfjm7Vy7RP7BojVnl+fmrrwM6kQwXie2n2EyD/EnFBKXRQ0GY7FR3EELAOCqN/591HPVZevEr9hLxNMz8jEJ6dXPI66xW5aTevubYyNK1m6nH29UFPRnuvWNtjjZnkd0SPBCUMNjwEU+zOcOBMjAju6/T6MFyRgQFToZU6ksfJzrn+2VAcV90mLdAUgstj94RsJnbqZQvIX0KgDvXIkoDVlDlun99PNAJydvwdneuNRbc5uqFo=
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:99
By default there is a jdbc source which reads the subject and subjectattribute tables. If you don’t have it in your source anymore then you wont be able to find it. For groups it should work.
Do you have something like this in grouper-ws.properties? # if you have subject namespace overlap (or not), set the default subject
# sources (comma-separated) to lookup the user if none specified in user name ws.logged.in.subject.default.source =
g:gsa # prepend to the userid this value (e.g. if using local entities, might be: etc:servicePrincipals: ) ws.security.prependToUserIdForSubjectLookup =
some:path:to:principals There is no way to delete the “jdbc” default subject source subjects. We can add that at some point. Deleting from DB is the way to go. Thanks Chris From: <>
On Behalf Of Black, Carey M. Jeffrey, I got to say that I don’t know why grouper is doing what it is doing for either of us on this one. And that is different, maybe, than what it is doing for you. And given that I am doing what you are doing for WebService accounts, I am very interested in understanding what is not working.
L
( I am using v 2.3. You did not say what version your using. Maybe your upgraded from 2.3 to 2.4? ) But maybe this will help. groovy:000> findSubject("grouper-testUser2"); ERROR edu.internet2.middleware.subject.SubjectNotFoundException: subject not found: grouper-testUser2 at edu.internet2.middleware.grouper.subj.SourcesXmlResolver.thereCanOnlyBeOne (SourcesXmlResolver.java:486) at edu.internet2.middleware.grouper.subj.SourcesXmlResolver.findByIdOrIdentifier (SourcesXmlResolver.java:527) at edu.internet2.middleware.grouper.subj.CachingResolver.findByIdOrIdentifier (CachingResolver.java:377) at edu.internet2.middleware.grouper.subj.ValidatingResolver.findByIdOrIdentifier (ValidatingResolver.java:203) at edu.internet2.middleware.grouper.SubjectFinder.findByIdOrIdentifier (SubjectFinder.java:316) at edu.internet2.middleware.grouper.app.gsh.findSubject.invoke (findSubject.java:154) at edu.internet2.middleware.grouper.app.gsh.findSubject$invoke.call (Unknown Source) at groovysh_evaluate.findSubject (groovysh_evaluate:4) at groovysh_evaluate.findSubject (groovysh_evaluate) groovy:000> addSubject("grouper-testUser2", "application", "grouper-testUser2"); ===> Subject id: grouper-testUser2, sourceId: null, name: grouper-testUser2 groovy:000> findSubject("grouper-testUser2"); ===> Subject id: grouper-testUser2, sourceId: jdbc, name: grouper-testUser2 I note that the addSubject returns “sourceId: null”. Yet it appears to have stuffed the user into “sourceId: jdbc”. And when I go look in the Subject table in the DB… yep. There it is. Just a wag: Maybe you did something to your jdbc source? Maybe the jdbc source was not converted/upgraded properly? And while we are on the “subject”, ( Ugh… bad puns are everywhere ) can anyone point at a Grouper API to “removeSubject()” ?
Yea.. SQL should get the job done, but their could be application caches, details, and quarks Oh my. If you can add then you should be able to remove too. IMHO [ In my hopeful opinion] -- Carey Matthew From:
<>
On Behalf Of Crawford, Jeffrey Greetings, We’ve been having issue with the grouper Web Service finding the service accounts since we upgraded. Originally the web service accounts were created as groups, and the web service basic auth seemed to work
fine. My guess is that over time it was no longer possible to bind a basic auth REMOTE_USER to a group entity. So I thought I would create an application local identity and just make it a member of the original group we created as a migration step. However I was trying to create a local entity. I used the Grouper shell to create a service account, but after creating it and trying to access it via findSubject, It doesn’t find the account I just created: groovy:000> addSubject("grouper-wsuser", "application", "grouper-wsuser"); ===> Subject id: grouper-wsuser-iamucla, sourceId: null, name: grouper-wsuser groovy:000> findSubject("grouper-wsuser"); ERROR edu.internet2.middleware.subject.SubjectNotFoundException: subject not found: grouper-wsuser at edu.internet2.middleware.grouper.subj.SourcesXmlResolver.thereCanOnlyBeOne (SourcesXmlResolver.java:486) at edu.internet2.middleware.grouper.subj.SourcesXmlResolver.findByIdOrIdentifier (SourcesXmlResolver.java:527) at edu.internet2.middleware.grouper.subj.CachingResolver.findByIdOrIdentifier (CachingResolver.java:406) at edu.internet2.middleware.grouper.subj.ValidatingResolver.findByIdOrIdentifier (ValidatingResolver.java:203) at edu.internet2.middleware.grouper.SubjectFinder.findByIdOrIdentifier (SubjectFinder.java:316) at edu.internet2.middleware.grouper.app.gsh.findSubject.invoke (findSubject.java:154) at edu.internet2.middleware.grouper.app.gsh.findSubject$invoke.call (Unknown Source) at groovysh_evaluate.findSubject (groovysh_evaluate:4) at groovysh_evaluate.findSubject (groovysh_evaluate) |
- [grouper-users] Grouper Shell and AddSubject, Crawford, Jeffrey, 12/05/2018
- [grouper-users] RE: Grouper Shell and AddSubject, Black, Carey M., 12/06/2018
- [grouper-users] RE: Grouper Shell and AddSubject, Hyzer, Chris, 12/06/2018
- [grouper-users] RE: Grouper Shell and AddSubject, Redman, Chad, 12/06/2018
- [grouper-users] RE: Grouper Shell and AddSubject, Hyzer, Chris, 12/06/2018
- [grouper-users] RE: Grouper Shell and AddSubject, Black, Carey M., 12/06/2018
Archive powered by MHonArc 2.6.19.