We're updating the issue view to help you get more done.Â
GeoFence Embedded Server does not check for plain Rule Services
Description
GeoFence Server InternalUserResolver currently checks only User Group Services
for (String serviceName : securityManager.listUserGroupServices()) {
...
this completely ignoring roles associate to users from a plain Role Service.
The proposal is to add a check for Role Services too
for (String roleServiceName : securityManager.listRoleServices()) {
if (securityManager.loadRoleService(roleServiceName).getRolesForUser(username) != null &&
!securityManager.loadRoleService(roleServiceName).getRolesForUser(username).isEmpty()) {
return true;
}
}
Environment
None
