Scope wildcards In UAA we now support client scopes to have a wildcard. Imagine this scenario
Client Scopes
- cloud_controller.*
User Joe
- cloud_controller.read
- cloud_controller.write
compilation: | |
cloud_properties: | |
name: random | |
network: cf1 | |
reuse_compilation_vms: true | |
workers: 6 | |
director_uuid: ed595226-6c52-4e99-88d2-9381a2914239 | |
jobs: | |
- instances: 1 | |
name: ha_proxy_z1 |
Running org.cloudfoundry.identity.uaa.scim.endpoints.ScimUserEndpointsMockMvcTests | |
[2014-05-21 17:43:03.550] cloudfoundry-identity-uaa - ???? [main] .... ERROR --- TestContextManager: Caught exception while allowing TestExecutionListener [org.springframework.test.context.web.ServletTestExecutionListener@64f4e9dd] to prepare test instance [org.cloudfoundry.identity.uaa.scim.endpoints.ScimUserEndpointsMockMvcTests@169e15a3] | |
java.lang.IllegalStateException: BeanFactory not initialized or already closed - call 'refresh' before accessing beans via the ApplicationContext | |
at org.springframework.context.support.AbstractRefreshableApplicationContext.getBeanFactory(AbstractRefreshableApplicationContext.java:170) | |
at org.springframework.test.context.web.ServletTestExecutionListener.setUpRequestContextIfNecessary(ServletTestExecutionListener.java:182) | |
at org.springframework.test.context.web.ServletTestExecutionListener.prepareTestInstance(ServletTestExecutionListener.java:100) | |
at org.springframework.test.context.TestC |
cd /tmp | |
rm -rf build | |
cd /tmp/build/ | |
git clone git@github.com:cloudfoundry/uaa | |
cd uaa/ | |
git co feature/uaa-ldap-authentication | |
export CATALINA_PID=/tmp/tomcat.pid | |
export CATALINA_OUT=/tmp/tomcat.log | |
export TESTENV=keystone,default,coverage | |
wget -O tomcat.tar.gz http://archive.apache.org/dist/tomcat/tomcat-7/v7.0.52/bin/apache-tomcat-7.0.52.tar.gz |
Running org.cloudfoundry.identity.uaa.scim.endpoints.ScimUserEndpointsMockMvcTests | |
MockHttpServletRequest: | |
HTTP Method = POST | |
Request URI = /oauth/token | |
Parameters = {grant_type=[client_credentials], client_id=[admin], scope=[clients.read clients.write clients.secret]} | |
Headers = {Authorization=[Basic YWRtaW46YWRtaW5zZWNyZXQ=]} | |
Handler: | |
Type = null |
/development/pivotal/cloudfoundry/cf-release(develop[a:16/b:0]) $ git diff upstream/develop origin/develop | |
diff --git a/packages/cloud_controller_ng/pre_packaging b/packages/cloud_controller_ng/pre_packaging | |
index 7b913be..fa23922 100644 | |
--- a/packages/cloud_controller_ng/pre_packaging | |
+++ b/packages/cloud_controller_ng/pre_packaging | |
@@ -1,4 +1,4 @@ | |
set -e -x | |
cd ${BUILD_DIR}/cloud_controller_ng | |
-BUNDLE_WITHOUT=development:test bundle package --all |
{ | |
"approved_scopes": [], | |
"auth_request": { | |
"approvalParameters": {}, | |
"approved": false, | |
"authorities": [ | |
{ | |
"authority": "uaa.none" | |
} | |
], |
Scope wildcards In UAA we now support client scopes to have a wildcard. Imagine this scenario
Client Scopes
User Joe
/software/java/jdk1.7.0_51_x64/bin/java -ea -Didea.launcher.port=7533 -Didea.launcher.bin.path=/software/idea-IU-135.480/bin -Dfile.encoding=UTF-8 -classpath /software/idea-IU-135.480/lib/idea_rt.jar:/software/idea-IU-135.480/plugins/junit/lib/junit-rt.jar:/software/java/jdk1.7.0_51_x64/jre/lib/rt.jar:/software/java/jdk1.7.0_51_x64/jre/lib/resources.jar:/software/java/jdk1.7.0_51_x64/jre/lib/javaws.jar:/software/java/jdk1.7.0_51_x64/jre/lib/jsse.jar:/software/java/jdk1.7.0_51_x64/jre/lib/jfxrt.jar:/software/java/jdk1.7.0_51_x64/jre/lib/plugin.jar:/software/java/jdk1.7.0_51_x64/jre/lib/charsets.jar:/software/java/jdk1.7.0_51_x64/jre/lib/jfr.jar:/software/java/jdk1.7.0_51_x64/jre/lib/jce.jar:/software/java/jdk1.7.0_51_x64/jre/lib/management-agent.jar:/software/java/jdk1.7.0_51_x64/jre/lib/deploy.jar:/software/java/jdk1.7.0_51_x64/jre/lib/ext/sunpkcs11.jar:/software/java/jdk1.7.0_51_x64/jre/lib/ext/localedata.jar:/software/java/jdk1.7.0_51_x64/jre/lib/ext/sunjce_provider.jar:/software/java/jdk1.7.0_51_x64/jre/li |
java.lang.IllegalArgumentException: Could not resolve placeholder 'environmentYamlKey' in string value "${environmentYamlKey}" | |
org.springframework.util.PropertyPlaceholderHelper.parseStringValue(PropertyPlaceholderHelper.java:174) | |
org.springframework.util.PropertyPlaceholderHelper.replacePlaceholders(PropertyPlaceholderHelper.java:126) | |
org.springframework.core.env.AbstractPropertyResolver.doResolvePlaceholders(AbstractPropertyResolver.java:194) | |
org.springframework.core.env.AbstractPropertyResolver.resolveRequiredPlaceholders(AbstractPropertyResolver.java:158) | |
org.springframework.context.support.PropertySourcesPlaceholderConfigurer$2.resolveStringValue(PropertySourcesPlaceholderConfigurer.java:175) | |
org.springframework.beans.factory.config.BeanDefinitionVisitor.resolveStringValue(BeanDefinitionVisitor.java:282) | |
org.springframework.beans.factory.config.BeanDefinitionVisitor.resolveValue(BeanDefinitionVisitor.java:204) | |
org.springframework.beans.factory.config.BeanDefinitionVisitor.visitPropertyValues(Bean |
spring_profiles: ldap,default,hsqldb | |
ldap: | |
profile: | |
file:ldap/ldap-search-and-bind.xml | |
groups: | |
file:ldap/ldap-groups-as-scopes.xml | |
base: | |
url: 'ldap://localhost:389/' | |
userDn: 'cn=admin,ou=Users,dc=test,dc=com' | |
password: 'password' |