Bug 793561 (JBEPP-640)

Summary: Changes getting persisted in LDAP for attributes marked "readonly"
Product: [JBoss] JBoss Enterprise Portal Platform 5 Reporter: Martin Weiler <mweiler>
Component: PortalAssignee: Thomas Heute <theute>
Status: CLOSED NEXTRELEASE QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: 5.0.1.GA, 5.1.0.ER04CC: boleslaw.dawidowicz, epp-bugs
Target Milestone: ---   
Target Release: 5.1.0.GA   
Hardware: Unspecified   
OS: Unspecified   
URL: http://jira.jboss.org/jira/browse/JBEPP-640
Whiteboard: picketlink
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-12-20 10:14:27 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Martin Weiler 2010-11-16 13:37:57 UTC 
Help Desk Ticket Reference: https://na7.salesforce.com/500A0000004Tlc3
project_key: JBEPP

We have configured EPP 5.0.1 with LDAP. If we change an attribute like 'email' through the OrganizationPortlet, the changes are getting persisted into LDAP even though this attribute is marked as "readonly" in the picketlink configuration: 

<attributes> 
  [...]
  <attribute> 
    <name>email</name> 
    <mapping>mail</mapping> 
    <type>text</type> 
    <isRequired>false</isRequired> 
    <isMultivalued>false</isMultivalued> 
    <isReadOnly>true</isReadOnly> 
    <isUnique>true</isUnique> 
  </attribute> 
</attributes>
Comment 1 boleslaw.dawidowicz 2010-11-17 13:39:40 UTC 
This is being fixed in PicketLink 1.1.7 and current quick resolution is that update on readOnly attribute will just silently fail.
Comment 2 boleslaw.dawidowicz 2010-11-22 19:56:37 UTC 
Fix is applied in PicketLink IDM 1.1.0 branch. This should be resolved with upgrade to PLIDM 1.1.7.GA
Comment 3 Martin Weiler 2010-12-08 08:58:17 UTC 
Link: Added: This issue related JBEPP-713
Comment 4 Martin Weiler 2010-12-20 10:14:27 UTC 
Labels: Added: picketlink
Release Notes Text: Added: Using the OrganizationPortlet to edit existing user entries, the changes were applied to LDAP even though the attribute was marked as readOnly in the picketlink configuration. This has been fixed in PicketLink and any updates to readOnly attributes are now silently failing.