无法使用ldap凭据登录到wso2身份服务器

时间:2013-11-19 03:52:50

标签: ldap wso2 wso2is

我试图将wso2身份服务器连接到Ldap ReadWriteLDAPUserStoreManager,成功集成并可以从wso2身份服务器访问ldap用户。但问题是我无法使用ldap用户名和密码登录身份服务器。

请帮帮我

2 个答案:

答案 0 :(得分:2)

Please try with below configuration 

<?xml version="1.0" encoding="UTF-8"?><UserStoreManager     class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
  <Property name="ConnectionName">cn=admin,dc=ds,dc=sample,dc=com</Property>
  <Property name="ConnectionURL">ldap://192.168.1.1:389</Property>
  <Property name="ConnectionPassword">XXXX</Property>
  <Property name="UserSearchBase">ou=People,dc=prime,dc=ds,dc=sample,dc=com</Property>
  <Property name="Disabled">false</Property>
  <Property name="UserNameListFilter">(objectClass=inetOrgPerson)</Property>
  <Property name="UserNameAttribute">uid</Property>
  <Property name="UserNameSearchFilter">(&amp;(objectClass=inetOrgPerson)(uid=?))</Property>
  <Property name="UserEntryObjectClass">inetOrgPerson</Property>
  <Property name="GroupEntryObjectClass">organizationalUnit</Property>
  <Property name="ReadGroups">false</Property>
  <Property name="GroupSearchBase">ou=People,dc=prime,dc=ds,dc=sample,dc=com</Property>
  <Property name="GroupNameAttribute">uid</Property>
  <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
  <Property name="MembershipAttribute">member</Property>
  <Property name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(ou=?))</Property>
  <Property name="MaxUserNameListLength">100</Property>
  <Property name="MaxRoleNameListLength">100</Property>
  <Property name="UserRolesCacheEnabled">true</Property>
  <Property name="SCIMEnabled">false</Property>
  <Property name="PasswordHashMethod">SHA</Property>
  <Property name="UserDNPattern">uid={0},ou=People,dc=prime,dc=ds,dc=sample,dc=com</Property>
  <Property name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
  <Property name="UserNameJavaScriptRegEx">^[\S]{3,30}$</Property>
  <Property name="UserNameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
  <Property name="RoleNameJavaScriptRegEx">^[\S]{3,30}$</Property>
  <Property name="RoleNameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
  <Property name="WriteGroups">true</Property>
  <Property name="EmptyRolesAllowed">true</Property>
  <Property name="DomainName">ldap</Property>
  <Property name="Description">ldap
        </Property>
</UserStoreManager>

答案 1 :(得分:0)

以管理员用户身份登录并检查配置的ldap用户是否具有登录权限的角色是个好主意。

相关问题
最新问题