Can not assign default role to a SSO user.

[hxue]

We are using jasperserver-pro, and have SSO integreted.

By default, all the SSO user login as ROLE_USER, and go to XXX orgranization.

<property name="defaultOrganization" value="XXX" />

 <property name="defaultInternalRoles">
                        <list>
                                <value>ROLE_USER</value>
                        </list>
 </property>

When a SSO user login named "Jack", he only has ROLE_USER, then we created another role under XXX organization called DEMO_USER.

Here is the problem, when we assgin ROLE_ADMINISTRATOR and DEMO_USER to him, at that point of time, he has both role and he is able to manage user.

But when he logout and login, the role ROLE_ADMINISTRATOR is gone, DEMO_USER is still there.

[elizam]

You cannot assign roles through the Jasper interface and have them stick for external users.  The only roles a user can keep are ones generated through the external authentication process.  You need to set up assignment of admin roles in your application context file.

[hxue]

Thanks, I figured out the problem.

The solution is:

Comment out this property "organizationRoleMap" in applicationContext-externalAuth-saml.xml