[midPoint] Authorization for method midpoint.getObject
Lubomir Odlevak
odlevak.lubomir at gmail.com
Fri Feb 7 14:46:59 CET 2020
I have end user authorization issue with method
midpoint.getObject(ShadowType, shadowOid). I have metarole with condition
where i am using that method and getting error following error:
Expression error:
com.evolveum.midpoint.util.exception.AuthorizationException: Access denied
in expression in mapping in condition in assignment role
I have set authorization but it did not help (see below). Any idea which
authorization is needed for method midpoint.getObject() ?
<authorization id="45">
<name>my-authorization-1</name>
<action>
http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#read
</action>
<action>
http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#search
</action>
<object id="24">
<type>ResourceType</type>
</object>
<object id="37">
<type>ShadowType</type>
</object>
<object id="25">
<type>RoleType</type>
</object>
<object id="44">
<type>UserType</type>
</object>
</authorization>
Thank you very much
Regards
Lubomir Odlevak
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200207/73a6a0be/attachment.htm>
More information about the midPoint
mailing list