From 381c3d3849ed80689596a2a3dbe080ab9ef14531 Mon Sep 17 00:00:00 2001
From: Wolf-Dieter Fink <wfink@redhat.com>
Date: Thu, 30 Nov 2017 18:46:57 +0100
Subject: [PATCH 1/2] CLOUD-2207 ignore
 CONTAINER_SECURITY_CUSTOM_ROLE_MAPPER_CLASS if CONTAINER_SECURITY_ROLE_MAPPER
 != custom-role-mapper to not create invalid XML

---
 os-jdg7-launch/added/launch/infinispan-config.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/os-jdg7-launch/added/launch/infinispan-config.sh b/os-jdg7-launch/added/launch/infinispan-config.sh
index 7716e1ca..710000bd 100644
--- a/os-jdg7-launch/added/launch/infinispan-config.sh
+++ b/os-jdg7-launch/added/launch/infinispan-config.sh
@@ -491,7 +491,7 @@ function configure_container_security() {
         local CONTAINER_SECURITY_CUSTOM_ROLE_MAPPER_CLASS="class=\"$CONTAINER_SECURITY_CUSTOM_ROLE_MAPPER_CLASS\""
       fi
       local rolemapper="\
-                        <$CONTAINER_SECURITY_ROLE_MAPPER $CONTAINER_SECURITY_CUSTOM_ROLE_MAPPER_CLASS/>"
+                        <$CONTAINER_SECURITY_ROLE_MAPPER/>"
     fi
 
     if [ -n "$CONTAINER_SECURITY_ROLES" ]; then

From 23a4ebbf8e82c665b6b59db015018cb74c15e118 Mon Sep 17 00:00:00 2001
From: Wolf-Dieter Fink <wfink@redhat.com>
Date: Wed, 20 Dec 2017 12:07:32 +0100
Subject: [PATCH 2/2] CLOUD-2207 ignore CONTAINER_SECURITY_ROLE_MAPPER if a
 wrong value is set to not add invalid elements

---
 os-jdg7-launch/added/launch/infinispan-config.sh | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/os-jdg7-launch/added/launch/infinispan-config.sh b/os-jdg7-launch/added/launch/infinispan-config.sh
index 710000bd..04d7905f 100644
--- a/os-jdg7-launch/added/launch/infinispan-config.sh
+++ b/os-jdg7-launch/added/launch/infinispan-config.sh
@@ -490,8 +490,9 @@ function configure_container_security() {
       if [ -n "$CONTAINER_SECURITY_CUSTOM_ROLE_MAPPER_CLASS" ] && [ "$CONTAINER_SECURITY_ROLE_MAPPER" == "custom-role-mapper" ]; then
         local CONTAINER_SECURITY_CUSTOM_ROLE_MAPPER_CLASS="class=\"$CONTAINER_SECURITY_CUSTOM_ROLE_MAPPER_CLASS\""
       fi
-      local rolemapper="\
-                        <$CONTAINER_SECURITY_ROLE_MAPPER/>"
+      if [ "$CONTAINER_SECURITY_ROLE_MAPPER" == "identity-role-mapper" -o "$CONTAINER_SECURITY_ROLE_MAPPER" == "common-name-role-mapper" -o "$CONTAINER_SECURITY_ROLE_MAPPER" == "cluster-role-mapper" -o "$CONTAINER_SECURITY_ROLE_MAPPER" == "custom-role-mapper" ]; then
+        local rolemapper="<$CONTAINER_SECURITY_ROLE_MAPPER/>"
+      fi
     fi
 
     if [ -n "$CONTAINER_SECURITY_ROLES" ]; then