Details
-
Bug
-
Resolution: Fixed
-
Minor
-
2.4.0
-
None
Description
commit master 148a6ab441db6 2018-08-06 09:33:47
{{grouper-ws/grouper-ws/conf/grouper-ws.base.properties
- If there is an entry here for group name, then all web service client users must be in this group (before the actAs)
-#ws.client.user.group.name = etc:webServiceClientUsers
+ws.client.user.group.name = etc:webServiceClientUsers
}}
Was this intended? After upgrading to 2.4, our clients can no longer access WS. We had never set ws.client.user.group.name, thus allowing all users access. Now it is expecting users to be in group etc:webServiceClientUsers (which doesn't exist in our setup).
It may be a good idea anyway to add a whitelist group, so we may try this as a workaround. I will also try overriding with ws.client.user.group.name = <blank>, but it's possible it won't work if blank values are ignored.