[midPoint] upgrade to MP 3.5 role cycle error on user resource import
Shawn McKinney
smckinney at symas.com
Tue Jan 10 00:43:44 CET 2017
Hey Pavol, thanks for responding.
Pasting first the service, m1001, next the org, m1set, finally the admin role.
m1001:
<service xmlns:apti="http://midpoint.evolveum.com/xml/ns/public/common/api-types-3" xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:gen780="http://prism.evolveum.com/xml/ns/public/debug" xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3" xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3" xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" oid="6aa02b86-6619-4be0-9268-1e875f9ef403" version="12" xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3">
<name>m1001</name>
<description>Members will be user dn's who have access to this machine.</description>
<parentOrgRef oid="af5ea4a1-bd88-40de-978d-50a7c263d38e" type="c:OrgType"/>
<extension xmlns:gen885="http://example.com/xml/ns/mySchema">
<gen885:gidNumber>5</gen885:gidNumber>
</extension>
<assignment id="2" xsi:type="c:AssignmentType">
<targetRef oid="af5ea4a1-bd88-40de-978d-50a7c263d38e" type="c:OrgType"/>
</assignment>
<assignment id="3" xsi:type="c:AssignmentType">
<targetRef oid="4340faa4-c635-47ce-96a6-03eb25bb3edf" type="c:RoleType"/>
</assignment>
<displayName>Set 1 Machine 001</displayName>
<identifier>m1</identifier>
</service>
m1set:
<org xmlns:apti="http://midpoint.evolveum.com/xml/ns/public/common/api-types-3" xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:gen635="http://prism.evolveum.com/xml/ns/public/debug" xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3" xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3" xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" oid="af5ea4a1-bd88-40de-978d-50a7c263d38e" version="34" xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3">
<name>m1set</name>
<description>Members are dn's of all ldap machine groups in set 1.</description>
<extension xmlns:gen897="http://example.com/xml/ns/mySchema">
<gen897:gidNumber>13</gen897:gidNumber>
</extension>
<assignment id="1">
<targetRef oid="9c6d1dbe-1a87-11e5-b107-001e8c717e5b" type="c:RoleType"/>
</assignment>
<assignment id="2">
<targetRef oid="d10c1e42-7cda-44e0-9df9-45210194647b" type="c:OrgType"/>
</assignment>
<displayName>Machine Set 1</displayName>
<identifier>m1</identifier>
<orgType>machines</orgType>
</org>
role-admin:
<role xmlns:apti="http://midpoint.evolveum.com/xml/ns/public/common/api-types-3" xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:gen635="http://prism.evolveum.com/xml/ns/public/debug" xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3" xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3" xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" oid="6aaaa771-3267-454f-b399-4a84ddfc78f8" version="44" xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3">
<name>admin</name>
<description>Gives users root for all machines in selected set</description>
<assignment id="1">
<targetRef oid="15cdcbba-74ab-46d6-90e7-54e701a176be" type="c:RoleType"/>
</assignment>
<displayName>Machine Admin</displayName>
<authorization id="5">
<action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#guiAll</action>
</authorization>
<authorization id="4">
<action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#all</action>
<object>
<orgRelation>
<subjectRelation xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3">org:manager</subjectRelation>
<includeReferenceOrg>true</includeReferenceOrg>
</orgRelation>
</object>
</authorization>
<authorization id="6">
<action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#read</action>
<object>
<type>OrgType</type>
<filter>
<q:or>
<q:equal>
<q:path>name</q:path>
<q:value>Machines-new</q:value>
</q:equal>
</q:or>
</filter>
</object>
</authorization>
<authorization id="7">
<action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#read</action>
<object>
<type>ShadowType</type>
</object>
<object>
<type>ResourceType</type>
</object>
<object>
<type>TaskType</type>
</object>
<object>
<type>RoleType</type>
</object>
<object>
<type>ServiceType</type>
</object>
</authorization>
<authorization id="8">
<action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#add</action>
<object>
<type>UserType</type>
</object>
</authorization>
<approverExpression>
<description>Get user's managers (except the user itself)</description>
<script>
<code>
import com.evolveum.midpoint.prism.*
import com.evolveum.midpoint.prism.delta.*
import com.evolveum.midpoint.xml.ns._public.common.common_3.*
ContainerDelta roleDelta = objectDelta.findContainerDelta(UserType.F_ASSIGNMENT);
Collection assignmnetsToModify = new ArrayList();
if (roleDelta != null){
if (roleDelta.getValuesToAdd() != null) {
assignmnetsToModify.addAll(roleDelta.getValuesToAdd());
}
if (roleDelta.getValuesToReplace() != null) {
assignmnetsToModify.addAll(roleDelta.getValuesToAdd());
}
if (roleDelta.getValuesToDelete() != null) {
assignmnetsToModify.addAll(roleDelta.getValuesToAdd());
}
}
managers = []
for (PrismContainerValue assignment in assignmnetsToModify) {
AssignmentType ass = assignment.asContainerable();
if (ass.getTargetRef() != null && ass.getTargetRef().getOid().equals("6aaaa771-3267-454f-b399-4a84ddfc78f8")) {
if (ass.getOrgRef() != null) {
users = midpoint.getManagersOfOrg(ass.getOrgRef().getOid());
for (user in users){
managers.add(user.getOid())
}
}
}
}
return managers
</code>
</script>
</approverExpression>
<automaticallyApproved>
<description>If the user works in F0006 (Scumm Bar), the assignment of this role is automatically approved for him.</description>
<script>
<code>
import com.evolveum.midpoint.prism.*
import com.evolveum.midpoint.prism.delta.*
import com.evolveum.midpoint.xml.ns._public.common.common_3.*
if (requester.getName().getOrig().equals("administrator")) {
return true
}
ContainerDelta roleDelta = objectDelta.findContainerDelta(UserType.F_ASSIGNMENT);
Collection assignmnetsToModify = new ArrayList();
if (roleDelta != null){
if (roleDelta.getValuesToAdd() != null) {
assignmnetsToModify.addAll(roleDelta.getValuesToAdd());
}
if (roleDelta.getValuesToReplace() != null) {
assignmnetsToModify.addAll(roleDelta.getValuesToReplace());
}
if (roleDelta.getValuesToDelete() != null) {
assignmnetsToModify.addAll(roleDelta.getValuesToDelete());
}
}
isManager = false
for (PrismContainerValue assignment in assignmnetsToModify) {
AssignmentType ass = assignment.asContainerable();
if (ass.getTargetRef() != null && ass.getTargetRef().getOid() != null) {
role = midpoint.getObject(RoleType.class, ass.getTargetRef().getOid())
if (role?.getName()?.getOrig()?.equals("admin")) {
if (ass.getOrgRef() != null) {
isManager = midpoint.isManagerOf(requester, midpoint.getOrgByOid(ass.getOrgRef().getOid()).getOid())
log.info('######is Manager : ' + isManager)
}
}
}
}
return isManager
</code>
</script>
</automaticallyApproved>
<roleType>access</roleType>
</role>
> On Jan 9, 2017, at 8:01 AM, Pavol Mederly <mederly at evolveum.com> wrote:
>
> Hello Shawn,
>
> I would recommend looking at the possible role cycle that midPoint is complaining about.
>
> Could you, please, paste here the definition of your "admin" role, including any roles/orgs/services it refers to (probably including m1001)?
>
> Best regards,
>
> Pavol Mederly
> Software developer
> evolveum.com
>
> On 02.01.2017 21:45, Shawn McKinney wrote:
>> Hello,
>>
>> we are attempting to upgrade our MP (test) instance from 3.4-SNAPSHOT to 3.5. Here is what I have done:
>>
>> 1. pulled (&built) midpoint.war using latest midpoint overlay, set its pom.xml dependencies as follows:
>>
>> <dependencies>
>> <dependency>
>> <groupId>com.evolveum.midpoint.gui</groupId>
>> <artifactId>admin-gui</artifactId>
>> <version>3.5</version>
>> <type>war</type>
>> <scope>runtime</scope>
>> </dependency>
>> <dependency>
>> <groupId>com.evolveum.midpoint.gui</groupId>
>> <artifactId>admin-gui</artifactId>
>> <version>3.5</version>
>> <type>jar</type>
>> <classifier>classes</classifier>
>> <scope>compile</scope>
>> </dependency>
>>
>>
>> 2. change env to use java 8
>>
>> 3. run the postgresql-upgrade-3.4-3.5.sql
>>
>> 4. change ldapconnector resource import to 1.4.3
>>
>> <name>ICF com.evolveum.polygon.connector.ldap.LdapConnector v1.4.3</name>
>> <framework>http://midpoint.evolveum.com/xml/ns/public/connector/icf-1</framework>
>> <connectorType>com.evolveum.polygon.connector.ldap.LdapConnector</connectorType>
>> <connectorVersion>1.4.3</connectorVersion>
>>
>> 5. clear out old identities, objects, connectors, resources, etc.
>>
>> 6. redeploy using latest midpoint generated on step #1
>>
>> 7. restart tomcat
>>
>> 8. everything seems fine until it processes resource file: 850-user-aM1Admin.xml where we get the following error in logs. Resource file contents follow stck trace.
>>
>> Any ideas what is going wrong here?
>>
>> Begin log trace:
>> 2017-01-02 19:29:38,544 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.init.InitialDataImport): Starting initial object import (if necessary).
>> 2017-01-02 19:29:40,737 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.init.InitialDataImport): Starting initial import of file 850-user-aM1Admin.xml.
>> 2017-01-02 19:29:40,849 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.audit.log): 2017-01-02T19:29:40.841+0000 eid=1483385380841-0-1, et=ADD_OBJECT, es=REQUEST, sid=null, tid=1483385378544-0-1, toid=null, hid=null, I=null, T=FocusType:d4839bfa-6078-43c9-a5a8-61fe2a157faa({http://midpoint.evolveum.com/xml/ns/public/common/common-3}user), TO=null, D=[d4839bfa-6078-43c9-a5a8-61fe2a157faa:ADD], ch=http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#init, o=null, p=null, m=
>> 2017-01-02 19:29:41,686 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.audit.log): 2017-01-02T19:29:41.686+0000 eid=1483385381686-0-1, et=ADD_OBJECT, es=EXECUTION, sid=null, tid=1483385378544-0-1, toid=null, hid=null, I=null, T=FocusType:d4839bfa-6078-43c9-a5a8-61fe2a157faa({http://midpoint.evolveum.com/xml/ns/public/common/common-3}user), TO=null, D=[], ch=http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#init, o=FATAL_ERROR, p=null, m=Attempt to assign service:6aa02b86-6619-4be0-9268-1e875f9ef403(m1001) creates a role cycle
>> 2017-01-02 19:29:41,712 [] [localhost-startStop-1] ERROR (com.evolveum.midpoint.init.InitialDataImport): Couldn't import user:d4839bfa-6078-43c9-a5a8-61fe2a157faa(aM1Admin) from file 850-user-aM1Admin.xml: .
>> com.evolveum.midpoint.util.exception.PolicyViolationException: Attempt to assign service:6aa02b86-6619-4be0-9268-1e875f9ef403(m1001) creates a role cycle
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentWithResolvedTarget(AssignmentEvaluator.java:306) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignment(AssignmentEvaluator.java:279) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentTarget(AssignmentEvaluator.java:717) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentWithResolvedTarget(AssignmentEvaluator.java:367) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignment(AssignmentEvaluator.java:279) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentTarget(AssignmentEvaluator.java:754) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentWithResolvedTarget(AssignmentEvaluator.java:367) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignment(AssignmentEvaluator.java:279) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentTarget(AssignmentEvaluator.java:754) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentWithResolvedTarget(AssignmentEvaluator.java:367) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignment(AssignmentEvaluator.java:279) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentTarget(AssignmentEvaluator.java:717) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentWithResolvedTarget(AssignmentEvaluator.java:367) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignment(AssignmentEvaluator.java:279) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentTarget(AssignmentEvaluator.java:754) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentWithResolvedTarget(AssignmentEvaluator.java:367) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignment(AssignmentEvaluator.java:279) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentTarget(AssignmentEvaluator.java:717) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentWithResolvedTarget(AssignmentEvaluator.java:367) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignment(AssignmentEvaluator.java:279) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentTarget(AssignmentEvaluator.java:754) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentWithResolvedTarget(AssignmentEvaluator.java:367) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignment(AssignmentEvaluator.java:279) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluate(AssignmentEvaluator.java:222) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.projector.AssignmentProcessor.evaluateAssignment(AssignmentProcessor.java:1057) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.projector.AssignmentProcessor.processAssignmentsProjectionsWithFocus(AssignmentProcessor.java:443) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.projector.AssignmentProcessor.processAssignmentsProjections(AssignmentProcessor.java:191) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.projector.FocusProcessor.processFocusFocus(FocusProcessor.java:249) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.projector.FocusProcessor.processFocus(FocusProcessor.java:163) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.projector.Projector.projectInternal(Projector.java:214) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.projector.Projector.project(Projector.java:112) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.Clockwork.click(Clockwork.java:311) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.lens.Clockwork.run(Clockwork.java:221) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.controller.ModelController.executeChanges(ModelController.java:575) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.model.impl.controller.ModelController.executeChanges(ModelController.java:371) ~[model-impl-3.5.jar:na]
>> at com.evolveum.midpoint.init.InitialDataImport.importObject(InitialDataImport.java:189) [classes/:na]
>> at com.evolveum.midpoint.init.InitialDataImport.init(InitialDataImport.java:132) [classes/:na]
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_111]
>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_111]
>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_111]
>> at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_111]
>> at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeCustomInitMethod(AbstractAutowireCapableBeanFactory.java:1706) [spring-beans-4.2.5.RELEASE.jar:4.2.5.RELEASE]
>> at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1645) [spring-beans-4.2.5.RELEASE.jar:4.2.5.RELEASE]
>> at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1574) [spring-beans-4.2.5.RELEASE.jar:4.2.5.RELEASE]
>> at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:545) [spring-beans-4.2.5.RELEASE.jar:4.2.5.RELEASE]
>> at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:482) [spring-beans-4.2.5.RELEASE.jar:4.2.5.RELEASE]
>> at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306) [spring-beans-4.2.5.RELEASE.jar:4.2.5.RELEASE]
>> at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) [spring-beans-4.2.5.RELEASE.jar:4.2.5.RELEASE]
>> at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302) [spring-beans-4.2.5.RELEASE.jar:4.2.5.RELEASE]
>> at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197) [spring-beans-4.2.5.RELEASE.jar:4.2.5.RELEASE]
>> at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:772) [spring-beans-4.2.5.RELEASE.jar:4.2.5.RELEASE]
>> at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:839) [spring-context-4.2.5.RELEASE.jar:4.2.5.RELEASE]
>> at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:538) [spring-context-4.2.5.RELEASE.jar:4.2.5.RELEASE]
>> at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:444) [spring-web-4.2.5.RELEASE.jar:4.2.5.RELEASE]
>> at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:326) [spring-web-4.2.5.RELEASE.jar:4.2.5.RELEASE]
>> at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:107) [spring-web-4.2.5.RELEASE.jar:4.2.5.RELEASE]
>> at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4793) [catalina.jar:8.0.29]
>> at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5236) [catalina.jar:8.0.29]
>> at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) [catalina.jar:8.0.29]
>> at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:725) [catalina.jar:8.0.29]
>> at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:701) [catalina.jar:8.0.29]
>> at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:717) [catalina.jar:8.0.29]
>> at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:945) [catalina.jar:8.0.29]
>> at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1795) [catalina.jar:8.0.29]
>> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [na:1.8.0_111]
>> at java.util.concurrent.FutureTask.run(FutureTask.java:266) [na:1.8.0_111]
>> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_111]
>> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_111]
>> at java.lang.Thread.run(Thread.java:745) [na:1.8.0_111]
>> 2017-01-02 19:29:41,716 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.init.InitialDataImport):
>> *op* com.evolveum.midpoint.init.InitialDataImport.importObject, st: FATAL_ERROR, msg: Attempt to assign service:6aa02b86-6619-4be0-9268-1e875f9ef403(m1001) creates a role cycle
>> [cause]PolicyViolationException:Attempt to assign service:6aa02b86-6619-4be0-9268-1e875f9ef403(m1001) creates a role cycle
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentWithResolvedTarget(AssignmentEvaluator.java:306)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignment(AssignmentEvaluator.java:279)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentTarget(AssignmentEvaluator.java:717)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentWithResolvedTarget(AssignmentEvaluator.java:367)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignment(AssignmentEvaluator.java:279)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentTarget(AssignmentEvaluator.java:754)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentWithResolvedTarget(AssignmentEvaluator.java:367)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignment(AssignmentEvaluator.java:279)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentTarget(AssignmentEvaluator.java:754)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentWithResolvedTarget(AssignmentEvaluator.java:367)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignment(AssignmentEvaluator.java:279)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentTarget(AssignmentEvaluator.java:717)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentWithResolvedTarget(AssignmentEvaluator.java:367)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignment(AssignmentEvaluator.java:279)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentTarget(AssignmentEvaluator.java:754)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentWithResolvedTarget(AssignmentEvaluator.java:367)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignment(AssignmentEvaluator.java:279)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentTarget(AssignmentEvaluator.java:717)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentWithResolvedTarget(AssignmentEvaluator.java:367)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignment(AssignmentEvaluator.java:279)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentTarget(AssignmentEvaluator.java:754)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignmentWithResolvedTarget(AssignmentEvaluator.java:367)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluateAssignment(AssignmentEvaluator.java:279)
>> com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator.evaluate(AssignmentEvaluator.java:222)
>> com.evolveum.midpoint.model.impl.lens.projector.AssignmentProcessor.evaluateAssignment(AssignmentProcessor.java:1057)
>> com.evolveum.midpoint.model.impl.lens.projector.AssignmentProcessor.processAssignmentsProjectionsWithFocus(AssignmentProcessor.java:443)
>> com.evolveum.midpoint.model.impl.lens.projector.AssignmentProcessor.processAssignmentsProjections(AssignmentProcessor.java:191)
>> com.evolveum.midpoint.model.impl.lens.projector.FocusProcessor.processFocusFocus(FocusProcessor.java:249)
>> com.evolveum.midpoint.model.impl.lens.projector.FocusProcessor.processFocus(FocusProcessor.java:163)
>> com.evolveum.midpoint.model.impl.lens.projector.Projector.projectInternal(Projector.java:214)
>> com.evolveum.midpoint.model.impl.lens.projector.Projector.project(Projector.java:112)
>> com.evolveum.midpoint.model.impl.lens.Clockwork.click(Clockwork.java:311)
>> com.evolveum.midpoint.model.impl.lens.Clockwork.run(Clockwork.java:221)
>> com.evolveum.midpoint.model.impl.controller.ModelController.executeChanges(ModelController.java:575)
>> com.evolveum.midpoint.model.impl.controller.ModelController.executeChanges(ModelController.java:371)
>> com.evolveum.midpoint.init.InitialDataImport.importObject(InitialDataImport.java:189)
>> com.evolveum.midpoint.init.InitialDataImport.init(InitialDataImport.java:132)
>> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>> java.lang.reflect.Method.invoke(Method.java:498)
>> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeCustomInitMethod(AbstractAutowireCapableBeanFactory.java:1706)
>> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1645)
>> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1574)
>> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:545)
>> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:482)
>> org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306)
>> org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)
>> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302)
>> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197)
>> org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:772)
>> org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:839)
>> org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:538)
>> org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:444)
>> org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:326)
>> org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:107)
>> org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4793)
>> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5236)
>> org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
>> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:725)
>> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:701)
>> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:717)
>> org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:945)
>> org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1795)
>> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
>> java.util.concurrent.FutureTask.run(FutureTask.java:266)
>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>> java.lang.Thread.run(Thread.java:745)
>> *op* com.evolveum.midpoint.model.api.ModelService.getObject, st: FATAL_ERROR, MINOR, msg: Object of type 'UserType' with oid 'd4839bfa-6078-43c9-a5a8-61fe2a157faa' was not found.
>> [p]options=[ObjectOperationOptions(null: GetOperationOptions(allowNotFound))]
>> [p]oid=d4839bfa-6078-43c9-a5a8-61fe2a157faa
>> [p]class=com.evolveum.midpoint.xml.ns._public.common.common_3.UserType
>> [cause]ObjectNotFoundException:Object of type 'UserType' with oid 'd4839bfa-6078-43c9-a5a8-61fe2a157faa' was not found.
>>
>>
>>
>> The entire resource file is as follows:
>>
>> 850-user-aM1Admin.xml
>>
>> <?xml version="1.0" encoding="UTF-8"?>
>> <user xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
>> xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
>> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
>> xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
>> oid="d4839bfa-6078-43c9-a5a8-61fe2a157faa"
>> version="1">
>> <name>aM1Admin</name>
>> <description>Admin access to machines in set 1</description>
>> <fullName>M1 Admin</fullName>
>> <givenName>M1</givenName>
>> <familyName>Admin</familyName>
>> <assignment>
>> <targetRef type="RoleType" >
>> <filter>
>> <q:equal>
>> <q:path>name</q:path>
>> <q:value>admin</q:value>
>> </q:equal>
>> </filter>
>> </targetRef>
>> <orgRef type="OrgType">
>> <filter>
>> <q:equal>
>> <q:path>name</q:path>
>> <q:value>m1set</q:value>
>> </q:equal>
>> </filter>
>> </orgRef>
>> </assignment>
>> <credentials>
>> <password>
>> <value>
>> <t:clearValue>secret</t:clearValue>
>> </value>
>> </password>
>> </credentials>
>> </user>
>>
>> Thanks,
>> Shawn
>>
>>
>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
More information about the midPoint
mailing list