Details
-
Type:
Bug Fix
-
Status: Open
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: 1.0.1.1
-
Fix Version/s: Backlog
-
Component/s: Development, Version Compatibility
-
Labels:
-
Rice Module:KNS, KEW, KIM
Description
When an application has configured KIM in "remote" mode, permission checks that cross the service bus and occur in the Rice server and that depend on observing client Rice state (such as the document route header for initiator) will fail because client changes have not yet been committed to the database.
For example, RouteLogDerivedRoleTypeServiceImpl.hasApplicationRole:
if (INITIATOR_ROLE_NAME.equals(roleName)){
isUserInRouteLog =
principalId.equals(workflowInfo.getDocumentInitiatorPrincipalId(documentNumberLong));
This will always fail for newly initiated documents, and the result will be that all new documents will be read only (because the current user is not seen to be the "initiator") regardless of any other permission setting.
This is one such example, but it seems like a general problem and could be more widespread (any other state a client may save and the Rice standalone instance may be requested to operate on).
Attachments
Issue Links
- relates to
-
-
- Closed
-
- Trackbacks
-
![[Confluence: Kuali Environment Management]](/images/icons/generic_link_16.png "[Confluence: Kuali Environment Management]")
KFS 3.0.1 and Rice integration issues
Summary Cornell has an existing production Rice installation (Cynergy). Since initial implementation,...