Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 915291

Summary: Errors in server log after first attempt to login with LDAP user
Product: [JBoss] JBoss Operations Network Reporter: Sunil Kondkar <skondkar>
Component: Core ServerAssignee: Jay Shaughnessy <jshaughn>
Status: CLOSED CURRENTRELEASE QA Contact: Mike Foley <mfoley>
Severity: medium Docs Contact:
Priority: high    
Version: JON 3.2CC: jshaughn
Target Milestone: Alpha-x   
Target Release: JON 3.2.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-01-02 20:34:45 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Server_log none

Description Sunil Kondkar 2013-02-25 12:14:35 UTC 
Description of problem:

After setting LDAP configuration properties in Administration->System Settings, when tried to login to JBoss ON, it displays the LDAP user registration screen as expected, however there are errors in server log as below:

16:18:15,526 ERROR [org.jboss.as.ejb3.tx.CMTTxInterceptor] (http-/0.0.0.0:7080-4) javax.ejb.EJBTransactionRolledbackException: org.hibernate.TransientObjectException: object references an unsaved transient instance - save the transient instance before flushing: org.rhq.core.domain.auth.Subject
16:18:15,527 ERROR [org.jboss.as.ejb3.invocation] (http-/0.0.0.0:7080-4) JBAS014134: EJB Invocation failed on component AuthorizationManagerBean for method public abstract boolean org.rhq.enterprise.server.authz.AuthorizationManagerLocal.isInventoryManager(org.rhq.core.domain.auth.Subject): javax.ejb.EJBTransactionRolledbackException: org.hibernate.TransientObjectException: object references an unsaved transient instance - save the transient instance before flushing: org.rhq.core.domain.auth.Subject

I am attaching the stack trace for more details.

Version-Release number of selected component (if applicable):

JBoss ON Version: 3.2.0.ALPHA_QA
Build Number: eef7a17:341de14

Database: PostgreSQL 9.2
Java Version: 1.6.0_18
Browser : Firefox 10.0.2
Redhat Directory Server version: 8.2.0 

How reproducible:

Always

Steps to Reproduce:

1. Login as rhqadmin to JON 3.2 Alpha
2. Navigate to Administration->System Settings->LDAP configuration properties
3. Enter below information for JBoss ON integration with Redhat Directory Server version: 8.2.0:

Enable LDAP : yes
Search Base: dc=usersys,dc=redhat,dc=com
Username: cn=Directory manager
Password=Secret123
Search Filter: objectclass=*
Group Search Filter: objectclass=groupofuniquenames
Group Member Filter: uniquemember
Is PosixGroup : No
Login Property: uid
URL:  ldap://10.65.201.124:1389
SSL : No

4. Save the configuration.
5 Logout and login as LDAP user ( Ex: sunil/Redhat123 )
6. It displays the LDAP user registration screen.
7. The server log displays errors.

  
Actual results:
Errors in server log after first attempt to login with LDAP user

Expected results:
No errors

Additional info:

The registration and login is successful and LDAP authentication and authorisation works as expected.
Comment 1 Sunil Kondkar 2013-02-25 12:15:18 UTC 
Created attachment 702326 [details]
Server_log
Comment 3 Jay Shaughnessy 2013-06-05 14:08:20 UTC 
master commit e157ce7089416ab3d8a2c504c4a0ef3b8a757ab7
Author: Jay Shaughnessy <jshaughn>
Date:   Wed Jun 5 10:03:18 2013 -0400

    Sort of stepped around this problem by ensuring the UIBean (portal war)
    does not perform a variety of queries for users in the midst of
    construction.  The SLSBs are not overly tolerent of subjects not yet
    assigned an id.
Comment 4 Simeon Pinder 2013-07-23 14:19:57 UTC 
Moving this to ON_QA as available for test in brew build:
https://brewweb.devel.redhat.com//buildinfo?buildID=282751
Comment 5 Sunil Kondkar 2013-09-02 18:02:24 UTC 
Verified on Version: 3.2.0.ALPHA_QA
Build Number: 10b0467:adad71f

There are no errors with first login attempt with LDAP user. Verified on Windows 2003 Active Directory and Redhat Directory Server 8.2.0.