Bug 1017089 - New Kerberos user failed to be enabled
New Kerberos user failed to be enabled
Product: Zanata
Classification: Community
Component: Authentication-Kerberos (Show other bugs)
Unspecified Unspecified
unspecified Severity high
: ---
: 3.1
Assigned To: Carlos Munoz
Zanata-QA Mailling List
Depends On:
  Show dependency treegraph
Reported: 2013-10-09 05:03 EDT by Ding-Yi Chen
Modified: 2013-11-26 22:36 EST (History)
5 users (show)

See Also:
Fixed In Version: 3.1.1-SNAPSHOT (20131011-1008)
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2013-11-26 22:24:00 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Ding-Yi Chen 2013-10-09 05:03:08 EDT
Description of problem:
After sign in with Kerberos the first time and clicked activated link,
zanata failed to enable that user.

Version-Release number of selected component (if applicable):
3.1-SNAPSHOT (20131008-1236)

How reproducible:

Steps to Reproduce:
1. Log in with a new user
2. Click activation link in activation email.
3. Log in

Actual results:
The user was disabled.

Expected results:
The user should be enabled.

Additional info:
Comment 1 Carlos Munoz 2013-10-09 23:50:48 EDT
This was apparently being caused by changes to our entity classes (access type).

Comment 2 Sean Flanigan 2013-10-09 23:57:54 EDT
This should be fixed by https://github.com/zanata/zanata-server/commit/27711d6b4c9019a00e1f78a9447215275895919e which reverts the Lombok/field-based changes to our entities.

Apparently Hibernate's dirtiness detection isn't triggered when using field-based reflection from Seam's IdentityManager.enableUser() and grantRole() (probably because they never call *any* methods on the entities).  Moving the relevant Seam annotations for HAccount from the fields (HAccount.enabled and HAccount.roles) back to accessor methods seems to fix it.

However, due to https://hibernate.atlassian.net/browse/HHH-3718 the use of field access for the id field of entities could be causing a performance problem by preventing lazy loading.  See also http://blog.xebia.com/2009/06/13/jpa-implementation-patterns-field-access-vs-property-access/ and http://stackoverflow.com/a/3739197/14379 

I suggest we try field access again for Zanata 3.2, but with annotated methods and property access just for the Seam identity properties and for all the entity id fields.
Comment 3 Sean Flanigan 2013-10-10 03:51:17 EDT
Could you please give this a quick retest against 3.1.2-SNAPSHOT?
Comment 4 Ding-Yi Chen 2013-10-10 20:38:41 EDT
VERIFIED with Zanata version 3.1.1-SNAPSHOT (20131011-1008)
Comment 5 Sean Flanigan 2013-11-26 22:14:16 EST
Closing VERIFIED bugs for Zanata versions <= 3.1.
Comment 6 Sean Flanigan 2013-11-26 22:16:05 EST
Closing VERIFIED bugs for Zanata versions <= 3.1.
Comment 7 Sean Flanigan 2013-11-26 22:19:57 EST
Closing VERIFIED bugs for Zanata versions <= 3.1.
Comment 8 Sean Flanigan 2013-11-26 22:24:00 EST
Closing VERIFIED bugs for Zanata versions <= 3.1.
Comment 9 Sean Flanigan 2013-11-26 22:34:48 EST
Closing VERIFIED bugs for Zanata versions <= 3.1.
Comment 10 Sean Flanigan 2013-11-26 22:36:54 EST
Closing VERIFIED bugs for Zanata versions <= 3.1.

Note You need to log in before you can comment on or make changes to this bug.