Description of problem: Configured the LDAP configuration properties and navigated to role assignment UI. Assigned one LDAP group to the role and saved it. Again edited the role and unassigned the ldap group from the role, searched for the same ldap group and reassigned again to the role. After clicking save button, the UI displays warning 'Server returned FAILURE with no error message.' The server log displays BatchUpdateException. Please find attached the UI warning message and server log errors. Version-Release number of selected component (if applicable): JBoss ON Version: 3.2.0.ALPHA_QA Build Number: 1878d58:5e6b489 Postgres 8.3.8 How reproducible: Always Steps to Reproduce: 1. Configure the LDAP configuration properties in Administration->System Settings->LDAP Configuration Properties 2. Navigate to Administration->Roles 3. Create a role in Jboss ON and assign a LDAP group ( Ex: testgroup1 ) to the role and save. 4. Click on the role created above to edit. 5. Navigate to 'LDAP Groups' tab. 6. Unassign the LDAP group ( Ex: testgroup1 ) 7. Search for the same LDAP group on the role assignment UI ( Ex: testgroup1 - If this step is not performed, the bug will not be reproducible) 8. Assign the same LDAP group again to the JBoss ON role after search. 9. Click on 'Save' button. 10. The JBoss ON UI shows the warning 'Server returned FAILURE with no error message. 11. The server log displays errors. Actual results: UI has a warning message and server log has errors Expected results: No errors in UI and server log. Additional info: 1. If unassign a LDAP group and assign another LDAP group..no errors 2. If unassign a LDAP group and without doing a search, if the same LDAP group is assigned again, no errors 3. Reproducible with less than 10 LDAP groups - not an performance related bug. 4. Reproducible on Windows 2003 AD server and Redhat Directory server 8.2.0
Created attachment 785749 [details] Screenshot-UI_Warning
Created attachment 785751 [details] Server_log
20:24:44,556 WARN [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] (http-/0.0.0.0:7080-2) SQL Error: 0, SQLState: 23505 20:24:44,556 ERROR [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] (http-/0.0.0.0:7080-2) Batch entry 0 insert into RHQ_ROLE_LDAP_GROUP (LDAP_GROUP_NAME, ROLE_ID, ID) values ('sunilgroupad', 10001, 10011) was aborted. Call getNextException to see the cause. 20:24:44,556 WARN [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] (http-/0.0.0.0:7080-2) SQL Error: 0, SQLState: 23505 20:24:44,556 ERROR [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] (http-/0.0.0.0:7080-2) ERROR: duplicate key value violates unique constraint "rhq_role_ldap_group_idx" 20:24:44,578 ERROR [org.jboss.as.ejb3.invocation] (http-/0.0.0.0:7080-2) JBAS014134: EJB Invocation failed on component RoleManagerBean for method public abstract org.rhq.core.domain.authz.Role org.rhq.enterprise.server.authz.RoleManagerLocal.updateRole(org.rhq.core.domain.auth.Subject,org.rhq.core.domain.authz.Role): /org/rhq/enterprise/server/authz/RoleManagerBean.java:468 for (LdapGroup ldapGroup : currentLdapGroups) { if (!newLdapGroups.contains(ldapGroup)) { attachedRole.removeLdapGroup(ldapGroup); entityManager.remove(ldapGroup); } the contains() succeeds and thus the if (!contains()) fails and the block is not removing the old association. Then in the next block that group-role is attached again, but fails, as a group with that name still exits.
master 8e3e7bbe8ac0d
Moving to ON_QA for testing.
Verified on Version: 3.2.0.ER3 Build Number: c0742ed:cbad264 Followed the steps and verified that there are no errors in UI and server log after unassigning and reassigning again the same LDAP group in role assignment UI.