search

wso2 / product-is

Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
http://wso2.github.io/
Apache License 2.0
746 stars 724 forks source link

[IS-5.11.0 Migration] GroupsAndRolesMigrator step fails there are internal roles and external groups having the same name. #11358

Open tharakawijekoon opened 3 years ago

tharakawijekoon commented 3 years ago

Describe the issue: GroupsAndRolesMigrator step fails there are internal roles and external groups having the same name.

How to reproduce:

[2021-02-24 16:19:02,903] [] ERROR {org.wso2.carbon.is.migration.service.v5110.migrator.GroupsAndRolesMigrator} -  WSO2 Product Migration Service Task : Error while migrating external role permissions. org.wso2.carbon.user.core.UserStoreException: 30012 - RoleExistingRole name: admin exists in the system. Please pick another role name.
    at org.wso2.carbon.user.core.common.AbstractUserStoreManager.handleRoleAlreadyExistException(AbstractUserStoreManager.java:7550)
    at org.wso2.carbon.user.core.common.AbstractUserStoreManager.doAddInternalRole(AbstractUserStoreManager.java:7517)
    at org.wso2.carbon.user.core.common.AbstractUserStoreManager.addRole(AbstractUserStoreManager.java:6800)
    at org.wso2.carbon.user.core.common.AbstractUserStoreManager.addRole(AbstractUserStoreManager.java:9057)
    at org.wso2.carbon.is.migration.service.v5110.migrator.GroupsAndRolesMigrator.migrateSuperTenantData(GroupsAndRolesMigrator.java:168)
    at org.wso2.carbon.is.migration.service.v5110.migrator.GroupsAndRolesMigrator.migrate(GroupsAndRolesMigrator.java:136)
    at org.wso2.carbon.is.migration.VersionMigration.migrate(VersionMigration.java:52)
    at org.wso2.carbon.is.migration.MigrationClientImpl.execute(MigrationClientImpl.java:85)
    at org.wso2.carbon.identity.core.internal.IdentityCoreServiceComponent.activate(IdentityCoreServiceComponent.java:149)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
    at org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
    at org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:345)
    at org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)
    at org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)
    at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)
    at org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)
    at org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:113)
    at org.eclipse.osgi.internal.framework.BundleContextImpl.dispatchEvent(BundleContextImpl.java:985)
    at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:234)
    at org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:151)
    at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:866)
    at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:804)
    at org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130)
    at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:228)
    at org.eclipse.osgi.internal.framework.BundleContextImpl.registerService(BundleContextImpl.java:525)
    at org.eclipse.osgi.internal.framework.BundleContextImpl.registerService(BundleContextImpl.java:544)
    at org.wso2.carbon.core.init.CarbonServerManager.initializeCarbon(CarbonServerManager.java:529)
    at org.wso2.carbon.core.init.CarbonServerManager.removePendingItem(CarbonServerManager.java:305)
    at org.wso2.carbon.core.init.PreAxis2ConfigItemListener.bundleChanged(PreAxis2ConfigItemListener.java:118)
    at org.eclipse.osgi.internal.framework.BundleContextImpl.dispatchEvent(BundleContextImpl.java:973)
    at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:234)
    at org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:345)

Note, the rest of the external roles would not be migrated properly when the above error occurs[1].

Expected behavior: If an internal role exists with the same name, a new role should be created to represent the existing external role.

Environment information (Please complete the following information; remove any unnecessary fields) : IS-5.9.0 - IS-5.11.0 Migration

Related issues: https://github.com/wso2/product-is/issues/11327

[1]https://github.com/wso2-extensions/identity-migration-resources/blob/master/components/org.wso2.is.migration/migration-service/src/main/java/org/wso2/carbon/is/migration/service/v5110/migrator/GroupsAndRolesMigrator.java#L168

nadeepoornima commented 2 years ago

We also noticed this issue with other customers, and we resolved it by re-naming the internal/admin role to another. Appriciate to resolve this issue soon.