<div dir="ltr">Here's the a pastebin with the End User role: <a href="http://pastebin.com/hufRebnK">http://pastebin.com/hufRebnK</a><br><br>I just tried the same action within my dev environment (the account has groups as well), using this exact same role, and everything worked fine. This leads me to believe there might be a different issue here?<div><br></div><div>Thanks, </div><div>-F </div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, May 25, 2016 at 11:15 AM, Florin. Stingaciu <span dir="ltr"><<a href="mailto:fstingaciu@mirantis.com" target="_blank">fstingaciu@mirantis.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hey Ivan,<div><br></div><div>Yes, indeed. This other account does reference groups. I'm assuming this means there's an authorization action for reading groups?</div><div><br></div><div>The end user role is just the default one that comes with midpoint. I'm using version 3.3.1.</div><div><br></div><div>Thanks, </div><span class="HOEnZb"><font color="#888888"><div>-F </div></font></span></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Wed, May 25, 2016 at 11:10 AM, Ivan Noris <span dir="ltr"><<a href="mailto:ivan.noris@evolveum.com" target="_blank">ivan.noris@evolveum.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
Hi Florin,<br>
<br>
is the other account referencing any associations (groups)? If you
open the same user as administrator. Most of the times this was my
problem, if I had not good End user role.<br>
<br>
Which midPoint version is this?<br>
<br>
Ivan<div><div><br>
<br>
<div>On 05/25/2016 07:09 PM, Florin.
Stingaciu wrote:<br>
</div>
</div></div><blockquote type="cite"><div><div>
<div dir="ltr">Hello,
<div><br>
</div>
<div>I'm trying to use the End User role to allow users to login
and verify their accounts. The definition for the End User
role is the default definition, however when I log in as an
End User, one of two of my resources fails to load with the
following error:<br>
<p>
</p>
<p><span>2016-05-25 17:05:17,699 []
[http-bio-8443-exec-2] ERROR
(com.evolveum.midpoint.web.page.admin.PageAdminFocus):
Couldn't load account, reason: Access denied (class
com.evolveum.midpoint.util.exception.AuthorizationException)</span></p>
<p>I've used the End User role before without ever
having any issues, and the fact that it loads the other
resource just fine is making me a little worried. Any
guidance would be greatly appreciated. </p>
<p>Thanks, </p>
<p>-F <br>
</p>
</div>
</div>
<br>
<fieldset></fieldset>
<br>
</div></div><pre>_______________________________________________
midPoint mailing list
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a><span><font color="#888888">
</font></span></pre><span><font color="#888888">
</font></span></blockquote><span><font color="#888888">
<br>
<pre cols="72">--
Ing. Ivan Noris
Senior Identity Management Engineer & IDM Architect
<a href="http://evolveum.com" target="_blank">evolveum.com</a> <a href="http://evolveum.com/blog/" target="_blank">evolveum.com/blog/</a>
___________________________________________________
"Semper ID(e)M Vix."
</pre>
</font></span></div>
<br>_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
<br></blockquote></div><br></div>
</div></div></blockquote></div><br></div>