Category: | Bug report |
Priority: | High |
Status: | New |
Project: | Severity: | Major |
Resolution: | Open |
|
Component: | Reproducibility: | Always |
Assigned to: |
We are using jasperserver-pro, and have SSO integreted.
By default, all the SSO user login as ROLE_USER, and go to XXX orgranization.
<property name="defaultOrganization" value="XXX" />
<property name="defaultInternalRoles">
<list>
<value>ROLE_USER</value>
</list>
</property>
When a SSO user login (let's say he is named "Jack"), he only has "ROLE_USER" and under organization "XXX", then we created another role under XXX organization called "DEMO_USER".
Here is the problem, when we assigned "ROLE_ADMINISTRATOR" and "DEMO_USER" to him, at that point of time, he has both role and he is able to manage users.
But when he logout and login, the role "ROLE_ADMINISTRATOR" is gone, "DEMO_USER" is still there.