Description of problem: After setting LDAP configuration properties in Administration->System Settings, when tried to login to JBoss ON, it displays the LDAP user registration screen as expected, however there are errors in server log as below: 16:18:15,526 ERROR [org.jboss.as.ejb3.tx.CMTTxInterceptor] (http-/0.0.0.0:7080-4) javax.ejb.EJBTransactionRolledbackException: org.hibernate.TransientObjectException: object references an unsaved transient instance - save the transient instance before flushing: org.rhq.core.domain.auth.Subject 16:18:15,527 ERROR [org.jboss.as.ejb3.invocation] (http-/0.0.0.0:7080-4) JBAS014134: EJB Invocation failed on component AuthorizationManagerBean for method public abstract boolean org.rhq.enterprise.server.authz.AuthorizationManagerLocal.isInventoryManager(org.rhq.core.domain.auth.Subject): javax.ejb.EJBTransactionRolledbackException: org.hibernate.TransientObjectException: object references an unsaved transient instance - save the transient instance before flushing: org.rhq.core.domain.auth.Subject I am attaching the stack trace for more details. Version-Release number of selected component (if applicable): JBoss ON Version: 3.2.0.ALPHA_QA Build Number: eef7a17:341de14 Database: PostgreSQL 9.2 Java Version: 1.6.0_18 Browser : Firefox 10.0.2 Redhat Directory Server version: 8.2.0 How reproducible: Always Steps to Reproduce: 1. Login as rhqadmin to JON 3.2 Alpha 2. Navigate to Administration->System Settings->LDAP configuration properties 3. Enter below information for JBoss ON integration with Redhat Directory Server version: 8.2.0: Enable LDAP : yes Search Base: dc=usersys,dc=redhat,dc=com Username: cn=Directory manager Password=Secret123 Search Filter: objectclass=* Group Search Filter: objectclass=groupofuniquenames Group Member Filter: uniquemember Is PosixGroup : No Login Property: uid URL: ldap://10.65.201.124:1389 SSL : No 4. Save the configuration. 5 Logout and login as LDAP user ( Ex: sunil/Redhat123 ) 6. It displays the LDAP user registration screen. 7. The server log displays errors. Actual results: Errors in server log after first attempt to login with LDAP user Expected results: No errors Additional info: The registration and login is successful and LDAP authentication and authorisation works as expected.
Created attachment 702326 [details] Server_log
master commit e157ce7089416ab3d8a2c504c4a0ef3b8a757ab7 Author: Jay Shaughnessy <jshaughn> Date: Wed Jun 5 10:03:18 2013 -0400 Sort of stepped around this problem by ensuring the UIBean (portal war) does not perform a variety of queries for users in the midst of construction. The SLSBs are not overly tolerent of subjects not yet assigned an id.
Moving this to ON_QA as available for test in brew build: https://brewweb.devel.redhat.com//buildinfo?buildID=282751
Verified on Version: 3.2.0.ALPHA_QA Build Number: 10b0467:adad71f There are no errors with first login attempt with LDAP user. Verified on Windows 2003 Active Directory and Redhat Directory Server 8.2.0.