How do I configure WSO2 Identity with LDAP?
I changed user-mgt.xml to:
<UserManager>
<Realm>
<Configuration>
<AdminRole>admin</AdminRole>
<AdminUser>
<UserName>admin</UserName>
<Password>admin</Password>
</AdminUser>
<EveryOneRoleName>everyone</EveryOneRoleName>
<Property name="url">jdbc:h2:repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE</Property>
<Property name="userName">wso2carbon</Property>
<Property name="password">wso2carbon</Property>
<Property name="driverName">org.h2.Driver</Property>
<Property name="maxActive">50</Property>
<Property name="maxWait">60000</Property>
<Property name="minIdle">5</Property>
</Configuration>
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ApacheDSUserStoreManager">
<Property name="ReadOnly">true</Property>
<Property name="ConnectionURL">ldap://ldap.curitiba.pr.gov.br:389</Property>
<Property name="ConnectionName">o=ICI</Property>
<Property name="UserNameListFilter">(objectClass=person)</Property>
<Property name="UserEntryObjectClass">wso2Person</Property>
<Property name="UserSearchBase">ou=users,dc=ICI,ou=domains,o=ICI</Property>
<Property name="UserNameSearchFilter">(&amp;(objectClass=person)(uid=?))</Property>
<Property name="UserNameAttribute">uid</Property>
<Property name="PasswordJavaScriptRegEx">[\\S]{5,30}</Property>
<Property name="UsernameJavaScriptRegEx">[\\S]{3,30}</Property>
<Property name="UsernameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\&lt;&gt;]{3,30}$</Property>
<Property name="RolenameJavaScriptRegEx">[\\S]{3,30}</Property>
<Property name="RolenameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\&lt;&gt;]{3,30}$</Property>
<Property name="ReadLDAPGroups">false</Property>
<Property name="WriteLDAPGroups">false</Property>
<Property name="EmptyRolesAllowed">false</Property>
<Property name="GroupSearchBase">ou=Groups,dc=wso2,dc=org</Property>
<Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
<Property name="GroupEntryObjectClass">groupOfNames</Property>
<Property name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
<Property name="GroupNameAttribute">cn</Property>
<Property name="MembershipAttribute">member</Property>
<Property name="UserRolesCacheEnabled">true</Property>
</UserStoreManager>
</Realm>
</UserManager>
But it does not work.
Here is the content of the log:
[2012-08-20 18:32:03,209] INFO {org.wso2.carbon.core.internal.CarbonCoreActivator} - Starting WSO2 Carbon...
[2012-08-20 18:32:03,209] INFO {org.wso2.carbon.core.internal.CarbonCoreActivator} - Operating System : Linux 2.6.37.6-smp, i386
[2012-08-20 18:32:03,209] INFO {org.wso2.carbon.core.internal.CarbonCoreActivator} - Java Home : /usr/lib/java
[2012-08-20 18:32:03,209] INFO {org.wso2.carbon.core.internal.CarbonCoreActivator} - Java Version : 1.6.0_25
[2012-08-20 18:32:03,210] INFO {org.wso2.carbon.core.internal.CarbonCoreActivator} - Java VM : Java HotSpot(TM) Server VM 20.0-b11,Sun Microsystems Inc.
[2012-08-20 18:32:03,210] INFO {org.wso2.carbon.core.internal.CarbonCoreActivator} - Carbon Home : /soa/srvapp/IdentityServer
[2012-08-20 18:32:03,210] INFO {org.wso2.carbon.core.internal.CarbonCoreActivator} - Java Temp Dir : /soa/srvapp/IdentityServer/tmp
[2012-08-20 18:32:03,210] INFO {org.wso2.carbon.core.internal.CarbonCoreActivator} - User : root, en-US, America/Sao_Paulo
[2012-08-20 18:32:06,645] INFO {org.wso2.carbon.ldap.server.configuration.LDAPConfigurationBuilder} - KDC server is disabled.
[2012-08-20 18:32:06,649] INFO {org.wso2.carbon.ldap.server.DirectoryActivator} - Initializing Directory Server with working directory /soa/srvapp/IdentityServer/repository/data/org.wso2.carbon.directory and port 10390
[2012-08-20 18:32:10,665] ERROR {org.wso2.carbon.user.core.internal.Activator} - Cannot start User Manager Core bundle
java.lang.NullPointerException
at org.wso2.carbon.user.core.config.RealmConfigXMLProcessor.buildRealmConfiguration(RealmConfigXMLProcessor.java:170)
at org.wso2.carbon.user.core.common.DefaultRealmService.buildBootStrapRealmConfig(DefaultRealmService.java:150)
at org.wso2.carbon.user.core.common.DefaultRealmService.<init>(DefaultRealmService.java:86)
at org.wso2.carbon.user.core.common.DefaultRealmService.<init>(DefaultRealmService.java:124)
at org.wso2.carbon.user.core.internal.Activator.startDeploy(Activator.java:64)
at org.wso2.carbon.user.core.internal.BundleCheckActivator.start(BundleCheckActivator.java:54)
at org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:782)
at java.security.AccessController.doPrivileged(Native Method)
at org.eclipse.osgi.framework.internal.core.BundleContextImpl.startActivator(BundleContextImpl.java:773)
at org.eclipse.osgi.framework.internal.core.BundleContextImpl.start(BundleContextImpl.java:754)
at org.eclipse.osgi.framework.internal.core.BundleHost.startWorker(BundleHost.java:352)
at org.eclipse.osgi.framework.internal.core.AbstractBundle.resume(AbstractBundle.java:370)
at org.eclipse.osgi.framework.internal.core.Framework.resumeBundle(Framework.java:1068)
at org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:557)
at org.eclipse.osgi.framework.internal.core.StartLevelManager.incFWSL(StartLevelManager.java:464)
at org.eclipse.osgi.framework.internal.core.StartLevelManager.doSetStartLevel(StartLevelManager.java:248)
at org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:445)
at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:220)
at org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:330)
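Answer 0 (score: 0)
This looks like part of the full stack trace. Anyway, I see an obviously invalid configuration in user-mgt.xml. You have used an organizational unit object as the connection name, which is wrong.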
<Property name="ConnectionName">o=ICI</Property>
You must use a valid user in OpenLDAP as the connection name. For example,
<Property name="ConnectionName">cn=SomeUser,ou=users,dc=ICI,ou=domains,o=ICI</Property>
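
An added example (not part of the original question or answer, and not WSO2 code): a small pre-start lint for the LDAP UserStoreManager block that flags the bind-DN problem described in the answer. The function name lint_user_store, the container-RDN heuristic, and the extra checks for a missing ConnectionPassword and a cleartext ldap:// URL are assumptions added here.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed copy of the question's UserStoreManager block.
SAMPLE = """<UserManager><Realm>
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ApacheDSUserStoreManager">
<Property name="ConnectionURL">ldap://ldap.curitiba.pr.gov.br:389</Property>
<Property name="ConnectionName">o=ICI</Property>
<Property name="UserSearchBase">ou=users,dc=ICI,ou=domains,o=ICI</Property>
<Property name="UserNameSearchFilter">(&amp;(objectClass=person)(uid=?))</Property>
</UserStoreManager>
</Realm></UserManager>"""

# Assumption (heuristic): RDN types that normally name containers,
# not accounts the server can bind as.
CONTAINER_RDNS = {"o", "ou", "dc", "c", "l"}


def lint_user_store(xml_text):
    """Return a list of findings for the LDAP UserStoreManager properties."""
    root = ET.fromstring(xml_text)
    usm = next(root.iter("UserStoreManager"), None)
    if usm is None:
        return ["no <UserStoreManager> element found"]
    props = {p.get("name"): (p.text or "").strip() for p in usm.findall("Property")}
    findings = []

    # The bind DN must point at a user entry, e.g. cn=SomeUser,ou=users,...
    bind_dn = props.get("ConnectionName", "")
    first_rdn_type = bind_dn.split(",")[0].split("=")[0].strip().lower()
    if not bind_dn:
        findings.append("ConnectionName is missing")
    elif first_rdn_type in CONTAINER_RDNS:
        findings.append(f"ConnectionName '{bind_dn}' names a container, not a user entry")

    # A bind DN without a password cannot authenticate to the directory.
    if not props.get("ConnectionPassword"):
        findings.append("ConnectionPassword is missing or empty")

    # A simple bind over plain ldap:// exposes the bind password on the wire.
    if props.get("ConnectionURL", "").lower().startswith("ldap://"):
        findings.append("ConnectionURL uses ldap:// (no TLS); the bind password is sent in cleartext")
    return findings


if __name__ == "__main__":
    for finding in lint_user_store(SAMPLE):
        print("-", finding)
```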