我很难解决“没有找到校长......”的问题。我阅读了所有文章,但我已成功将耳内文件安装到WAS 8.5中。
此应用程序需要LDAP身份验证才能让最终用户登录。 我的LDAP userId是正确的。因为我可以通过部署相同ear文件的其他开发环境对自己进行身份验证。 远程LDAP服务器的SSL证书很好。还有什么可配置的?
我的意思是你可能会给我一些线索,比如JAAS?
以下是myprofile/log/ffcd/xxx.log个文件的底线详细信息。
[11/04/16 14:06:39:853 EDT] FFDC
Exception:com.ibm.websphere.security.PasswordCheckFailedException SourceId:com.ibm.ws.security.ltpa.LTPAServerObject.authenticate ProbeId:1006 Reporter:com.ibm.ws.security.ltpa.LTPAServerObject@2be0e7c9
com.ibm.websphere.wim.exception.PasswordCheckFailedException: CWWIM4537E No principal is found from the 'validLdapUserId' principal name.
at com.ibm.ws.wim.ProfileManager.loginImpl(ProfileManager.java:3920)
at com.ibm.ws.wim.ProfileManager.genericProfileManagerMethod(ProfileManager.java:348)
at com.ibm.ws.wim.ProfileManager.login(ProfileManager.java:456)
==> Performing default dump from com.ibm.ws.security.core.SecurityDM
com.ibm.ws.security.config.SecurityConfigImpl@3c12279c C:\devSoft\IBM\WebSphere\AppServer\profiles\AppSrv01\config\cells/OND2C01266470Node01Cell/security.xml (admin) :com.ibm.websphere.security.PasswordCheckFailedException: CWWIM4537E No principal is found from the 'validLdapUserId' principal name.
+Data for directive [defaultsecurityconfig] obtained.:
The dynamic JAAS login configuration is:
com.ibm.ws.security.auth.login.Configuration: Dumping JAAS Configuration
JAAS file configuration data:
system.RMI_OUTBOUND {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.server.lm.wsMapCSIv2OutboundLoginModule" ;
};
system.wss.generate.sct {
com.ibm.ws.wssecurity.wssapi.token.impl.SCTGenerateLoginModule required ;
};
DefaultPrincipalMapping {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.auth.j2c.WSPrincipalMappingLoginModule" ;
};
system.wss.consume.ltpa {
com.ibm.ws.wssecurity.wssapi.token.impl.LTPAConsumeLoginModule required ;
};
system.wss.consume.KRB5BST {
com.ibm.ws.wssecurity.wssapi.token.impl.KRBConsumeLoginModule required ;
com.ibm.ws.wssecurity.wssapi.token.impl.DKTConsumeLoginModule required ;
};
system.wss.consume.ltpaProp {
com.ibm.ws.wssecurity.wssapi.token.impl.LTPAPropagationConsumeLoginModule required ;
};
system.wss.consume.issuedToken {
com.ibm.ws.wssecurity.wssapi.token.impl.GenericIssuedTokenConsumeLoginModule required ;
};
system.wss.generate.pkcs7 {
com.ibm.ws.wssecurity.wssapi.token.impl.PKCS7GenerateLoginModule required ;
};
system.wssecurity.X509BST {
com.ibm.wsspi.wssecurity.auth.module.X509LoginModule required ;
};
system.wss.consume.pkiPath {
com.ibm.ws.wssecurity.wssapi.token.impl.PkiPathConsumeLoginModule required ;
};
system.wss.consume.x509 {
com.ibm.ws.wssecurity.wssapi.token.impl.X509ConsumeLoginModule required ;
};
system.WEB_INBOUND {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.server.lm.ltpaLoginModule" ;
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule" ;
};
system.WSS_OUTBOUND {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.server.lm.wsMapCSIv2OutboundLoginModule" ;
};
system.wss.consume.sct {
com.ibm.ws.wssecurity.wssapi.token.impl.SCTConsumeLoginModule required ;
};
system.wssecurity.Signature {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.wsspi.wssecurity.auth.module.SignatureLoginModule" ;
};
system.wssecurity.IDAssertionUsernameToken {
com.ibm.wsspi.wssecurity.auth.module.IDAssertionUsernameLoginModule required ;
};
system.wssecurity.UsernameToken {
com.ibm.wsspi.wssecurity.auth.module.UsernameLoginModule required ;
};
system.wss.generate.saml {
com.ibm.ws.wssecurity.wssapi.token.impl.SAMLGenerateLoginModule required ;
com.ibm.ws.wssecurity.wssapi.token.impl.DKTGenerateLoginModule required ;
};
system.DESERIALIZE_ASYNCH_CONTEXT {
com.ibm.ws.security.server.lm.ltpaLoginModule required ;
com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule required ;
com.ibm.ws.wssecurity.platform.websphere.wssapi.token.impl.wssTokenPropagationInboundLoginModule required ;
};
system.wss.generate.ltpa {
com.ibm.ws.wssecurity.wssapi.token.impl.LTPAGenerateLoginModule required ;
};
system.wss.generate.ltpaProp {
com.ibm.ws.wssecurity.wssapi.token.impl.LTPAPropagationGenerateLoginModule required ;
};
system.wssecurity.PkiPath {
com.ibm.wsspi.wssecurity.auth.module.PkiPathLoginModule required ;
};
system.wss.inbound.propagation {
com.ibm.ws.security.server.lm.ltpaLoginModule required ;
com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule required ;
com.ibm.ws.wssecurity.platform.websphere.wssapi.token.impl.wssTokenPropagationInboundLoginModule required ;
};
system.wss.auth.sts {
com.ibm.ws.wssecurity.impl.auth.module.STSDefaultLoginModule required ;
};
system.wss.generate.x509 {
com.ibm.ws.wssecurity.wssapi.token.impl.X509GenerateLoginModule required ;
};
system.RMI_INBOUND {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.server.lm.ltpaLoginModule" ;
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule" ;
com.ibm.ws.wssecurity.platform.websphere.wssapi.token.impl.wssTokenPropagationInboundLoginModule required ;
};
system.WSS_INBOUND {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.server.lm.ltpaLoginModule" ;
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule" ;
};
JAASClient {
com.ibm.security.auth.module.Krb5LoginModule required
noAddress="true"
tryFirstPass="true"
useDefaultCcache="false"
forwardable="true"
credsType="both" ;
};
system.wssecurity.KRB5BST {
com.ibm.wsspi.wssecurity.auth.module.KRBLoginModule required ;
};
system.wss.generate.unt {
com.ibm.ws.wssecurity.wssapi.token.impl.UNTGenerateLoginModule required ;
};
system.LTPA {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.server.lm.ltpaLoginModule" ;
};
system.wss.caller {
com.ibm.ws.wssecurity.impl.auth.module.PreCallerLoginModule required ;
com.ibm.ws.wssecurity.impl.auth.module.UNTCallerLoginModule required ;
com.ibm.ws.wssecurity.impl.auth.module.X509CallerLoginModule required ;
com.ibm.ws.wssecurity.impl.auth.module.LTPACallerLoginModule required ;
com.ibm.ws.wssecurity.impl.auth.module.LTPAPropagationCallerLoginModule required ;
com.ibm.ws.wssecurity.impl.auth.module.KRBCallerLoginModule required ;
com.ibm.ws.wssecurity.impl.auth.module.SAMLCallerLoginModule required ;
com.ibm.ws.wssecurity.impl.auth.module.GenericIssuedTokenCallerLoginModule required ;
com.ibm.ws.wssecurity.impl.auth.module.WSWSSLoginModule required ;
com.ibm.ws.security.server.lm.ltpaLoginModule required ;
com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule required ;
};
system.DEFAULT {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.server.lm.ltpaLoginModule" ;
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule" ;
com.ibm.ws.wssecurity.platform.websphere.wssapi.token.impl.wssTokenPropagationInboundLoginModule required ;
};
system.wss.consume.pkcs7 {
com.ibm.ws.wssecurity.wssapi.token.impl.PKCS7ConsumeLoginModule required ;
};
system.wss.generate.KRB5BST {
com.ibm.ws.wssecurity.wssapi.token.impl.KRBGenerateLoginModule required ;
com.ibm.ws.wssecurity.wssapi.token.impl.DKTGenerateLoginModule required ;
};
system.wss.generate.issuedToken {
com.ibm.ws.wssecurity.wssapi.token.impl.GenericIssuedTokenGenerateLoginModule required ;
};
WSLogin {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.common.auth.module.WSLoginModuleImpl"
use_realm_callback="false"
use_appcontext_callback="false" ;
};
system.SWAM {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.server.lm.swamLoginModule" ;
};
system.wss.generate.pkiPath {
com.ibm.ws.wssecurity.wssapi.token.impl.PkiPathGenerateLoginModule required ;
};
system.wss.consume.unt {
com.ibm.ws.wssecurity.wssapi.token.impl.UNTConsumeLoginModule required ;
};
JaasClient {
com.ibm.security.auth.module.Krb5LoginModule required
noAddress="true"
tryFirstPass="true"
useDefaultCcache="false"
forwardable="true"
credsType="both" ;
};
system.wssecurity.IDAssertion {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.wsspi.wssecurity.auth.module.IDAssertionLoginModule" ;
};
system.wss.inbound.deserialize {
com.ibm.ws.wssecurity.platform.websphere.wssapi.token.impl.wssLtpaLoginModule required ;
com.ibm.ws.wssecurity.platform.websphere.wssapi.token.impl.wssMapDefaultInboundLoginModule required ;
com.ibm.ws.wssecurity.platform.websphere.wssapi.token.impl.wssTokenPropagationInboundLoginModule required ;
};
system.wss.consume.saml {
com.ibm.ws.wssecurity.wssapi.token.impl.SAMLConsumeLoginModule required ;
com.ibm.ws.wssecurity.wssapi.token.impl.DKTConsumeLoginModule required ;
};
system.wssecurity.PKCS7 {
com.ibm.wsspi.wssecurity.auth.module.PKCS7LoginModule required ;
};
JAAS WCCM configuration data:
system.RMI_OUTBOUND {
com.ibm.ws.security.server.lm.wsMapCSIv2OutboundLoginModule required ;
};
DefaultPrincipalMapping {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.auth.j2c.WSPrincipalMappingLoginModule" ;
};
system.wss.generate.sct {
com.ibm.ws.wssecurity.wssapi.token.impl.SCTGenerateLoginModule required ;
com.ibm.ws.wssecurity.wssapi.token.impl.DKTGenerateLoginModule required ;
};
system.wss.consume.ltpa {
com.ibm.ws.wssecurity.wssapi.token.impl.LTPAConsumeLoginModule required ;
};
system.wss.consume.KRB5BST {
com.ibm.ws.wssecurity.wssapi.token.impl.KRBConsumeLoginModule required ;
com.ibm.ws.wssecurity.wssapi.token.impl.DKTConsumeLoginModule required ;
};
system.wss.consume.ltpaProp {
com.ibm.ws.wssecurity.wssapi.token.impl.LTPAPropagationConsumeLoginModule required ;
};
system.wss.consume.issuedToken {
com.ibm.ws.wssecurity.wssapi.token.impl.GenericIssuedTokenConsumeLoginModule required ;
};
system.wss.generate.pkcs7 {
com.ibm.ws.wssecurity.wssapi.token.impl.PKCS7GenerateLoginModule required ;
};
system.wssecurity.X509BST {
com.ibm.wsspi.wssecurity.auth.module.X509LoginModule required ;
};
system.wss.consume.pkiPath {
com.ibm.ws.wssecurity.wssapi.token.impl.PkiPathConsumeLoginModule required ;
};
system.wss.consume.x509 {
com.ibm.ws.wssecurity.wssapi.token.impl.X509ConsumeLoginModule required ;
};
system.WEB_INBOUND {
com.ibm.ws.security.server.lm.ltpaLoginModule required ;
com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule required ;
};
system.WSS_OUTBOUND {
com.ibm.ws.security.server.lm.wsMapCSIv2OutboundLoginModule required ;
};
system.wss.consume.sct {
com.ibm.ws.wssecurity.wssapi.token.impl.SCTConsumeLoginModule required ;
com.ibm.ws.wssecurity.wssapi.token.impl.DKTConsumeLoginModule required ;
};
system.wssecurity.Signature {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.wsspi.wssecurity.auth.module.SignatureLoginModule" ;
};
system.wssecurity.IDAssertionUsernameToken {
com.ibm.wsspi.wssecurity.auth.module.IDAssertionUsernameLoginModule required ;
};
system.wssecurity.UsernameToken {
com.ibm.wsspi.wssecurity.auth.module.UsernameLoginModule required ;
};
system.wss.generate.saml {
com.ibm.ws.wssecurity.wssapi.token.impl.SAMLGenerateLoginModule required ;
com.ibm.ws.wssecurity.wssapi.token.impl.DKTGenerateLoginModule required ;
};
system.KRB5 {
com.ibm.ws.security.auth.kerberos.Krb5LoginModuleWrapper required
storeSharedStateCredentials="true"
noAddress="true"
tryFirstPass="true"
renewable="true"
refreshKrb5Config="true"
forwardable="true"
credsType="both" ;
com.ibm.ws.security.auth.kerberos.WSKrb5LoginModule required ;
};
system.DESERIALIZE_ASYNCH_CONTEXT {
com.ibm.ws.security.server.lm.ltpaLoginModule required ;
com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule required
com.ibm.ws.security.context.renewToken="true" ;
com.ibm.ws.wssecurity.platform.websphere.wssapi.token.impl.wssTokenPropagationInboundLoginModule required ;
};
system.wss.generate.ltpa {
com.ibm.ws.wssecurity.wssapi.token.impl.LTPAGenerateLoginModule required ;
};
system.wss.generate.ltpaProp {
com.ibm.ws.wssecurity.wssapi.token.impl.LTPAPropagationGenerateLoginModule required ;
};
system.wssecurity.PkiPath {
com.ibm.wsspi.wssecurity.auth.module.PkiPathLoginModule required ;
};
system.wss.inbound.propagation {
com.ibm.ws.security.server.lm.ltpaLoginModule required ;
com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule required ;
com.ibm.ws.wssecurity.platform.websphere.wssapi.token.impl.wssTokenPropagationInboundLoginModule required ;
};
system.wss.auth.sts {
com.ibm.ws.wssecurity.impl.auth.module.STSDefaultLoginModule required ;
};
system.wss.generate.x509 {
com.ibm.ws.wssecurity.wssapi.token.impl.X509GenerateLoginModule required ;
};
system.RMI_INBOUND {
com.ibm.ws.security.server.lm.ltpaLoginModule required ;
com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule required ;
com.ibm.ws.wssecurity.platform.websphere.wssapi.token.impl.wssTokenPropagationInboundLoginModule required ;
};
system.LTPA_WEB {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.web.AuthenLoginModule" ;
};
system.WSS_INBOUND {
com.ibm.ws.security.server.lm.ltpaLoginModule required ;
com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule required ;
};
WSKRB5Login {
com.ibm.ws.security.auth.kerberos.Krb5LoginModuleWrapperClient required
storeSharedStateCredentials="true"
tryFirstPass="false"
refreshKrb5Config="true"
useFirstPass="true"
credsType="INITIATOR" ;
};
KerberosMapping {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.auth.j2c.WSPrincipalMappingLoginModule" ;
};
ClientContainer {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.common.auth.module.WSClientLoginModuleImpl" ;
};
system.wssecurity.KRB5BST {
com.ibm.wsspi.wssecurity.auth.module.KRBLoginModule required ;
};
system.wss.generate.unt {
com.ibm.ws.wssecurity.wssapi.token.impl.UNTGenerateLoginModule required ;
};
system.LTPA {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.server.lm.ltpaLoginModule" ;
};
system.wss.caller {
com.ibm.ws.wssecurity.impl.auth.module.PreCallerLoginModule required ;
com.ibm.ws.wssecurity.impl.auth.module.UNTCallerLoginModule required ;
com.ibm.ws.wssecurity.impl.auth.module.X509CallerLoginModule required ;
com.ibm.ws.wssecurity.impl.auth.module.LTPACallerLoginModule required ;
com.ibm.ws.wssecurity.impl.auth.module.LTPAPropagationCallerLoginModule required ;
com.ibm.ws.wssecurity.impl.auth.module.KRBCallerLoginModule required ;
com.ibm.ws.wssecurity.impl.auth.module.SAMLCallerLoginModule required ;
com.ibm.ws.wssecurity.impl.auth.module.GenericIssuedTokenCallerLoginModule required ;
com.ibm.ws.wssecurity.impl.auth.module.WSWSSLoginModule required ;
com.ibm.ws.security.server.lm.ltpaLoginModule required ;
com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule required ;
};
system.DEFAULT {
com.ibm.ws.security.server.lm.ltpaLoginModule required ;
com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule required ;
com.ibm.ws.wssecurity.platform.websphere.wssapi.token.impl.wssTokenPropagationInboundLoginModule required ;
};
system.wss.consume.pkcs7 {
com.ibm.ws.wssecurity.wssapi.token.impl.PKCS7ConsumeLoginModule required ;
};
system.wss.generate.KRB5BST {
com.ibm.ws.wssecurity.wssapi.token.impl.KRBGenerateLoginModule required ;
com.ibm.ws.wssecurity.wssapi.token.impl.DKTGenerateLoginModule required ;
};
system.wss.generate.issuedToken {
com.ibm.ws.wssecurity.wssapi.token.impl.GenericIssuedTokenGenerateLoginModule required ;
};
WSLogin {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.common.auth.module.WSLoginModuleImpl"
use_realm_callback="false"
use_appcontext_callback="false" ;
};
system.SWAM {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.server.lm.swamLoginModule" ;
};
system.wss.generate.pkiPath {
com.ibm.ws.wssecurity.wssapi.token.impl.PkiPathGenerateLoginModule required ;
};
system.wss.consume.unt {
com.ibm.ws.wssecurity.wssapi.token.impl.UNTConsumeLoginModule required ;
};
system.wssecurity.IDAssertion {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.wsspi.wssecurity.auth.module.IDAssertionLoginModule" ;
};
system.wss.inbound.deserialize {
com.ibm.ws.wssecurity.platform.websphere.wssapi.token.impl.wssLtpaLoginModule required ;
com.ibm.ws.wssecurity.platform.websphere.wssapi.token.impl.wssMapDefaultInboundLoginModule required ;
com.ibm.ws.wssecurity.platform.websphere.wssapi.token.impl.wssTokenPropagationInboundLoginModule required ;
};
system.wss.consume.saml {
com.ibm.ws.wssecurity.wssapi.token.impl.SAMLConsumeLoginModule required ;
com.ibm.ws.wssecurity.wssapi.token.impl.DKTConsumeLoginModule required ;
};
TrustedConnectionMapping {
com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleProxy required
delegate="com.ibm.ws.security.auth.j2c.WSPrincipalMappingLoginModule"
useTrustedConnection="true" ;
};
system.wssecurity.PKCS7 {
com.ibm.wsspi.wssecurity.auth.module.PKCS7LoginModule required ;
};
:com.ibm.websphere.security.PasswordCheckFailedException: CWWIM4537E No principal is found from the 'validLdapUserId' principal name.
+Data for directive [defaultjaasconfig] obtained.:
==> Dump complete for com.ibm.ws.security.core.SecurityDM :
这是来自wimconfig.xml的ldap配置
<config:repositories xsi:type="config:LdapRepositoryType" adapterClassName="com.ibm.ws.wim.adapter.ldap.LdapAdapter"
id="LDAP_dev" isExtIdUnique="true" supportAsyncMode="false" supportExternalName="false"
supportPaging="false" supportSorting="false" supportTransactions="false" supportChangeLog="none"
certificateFilter="" certificateMapMode="exactdn" ldapServerType="AD" translateRDN="false">
<config:baseEntries name="DC=dc5,DC=dc4,DC=dc3,DC=dc2,DC=dc1" nameInRepository="DC=dc5,DC=dc4,DC=dc3,DC=dc2,DC=dc1"/>
<config:loginProperties>uid
<config:ldapServerConfiguration primaryServerQueryTimeInterval="15" returnToPrimaryServer="true"
sslConfiguration="">
<config:ldapServers authentication="simple" bindDN="CN=validUser,OU=Users,OU=dc6,DC=dc5,DC=dc4,DC=dc3,DC=dc2,DC=dc1"
bindPassword="{xor}DCvalidPassword" connectionPool="false" connectTimeout="20"
derefAliases="always" referal="follow" sslEnabled="true">
<config:connections host="validHost" port="389"/>
<config:ldapEntityTypes name="Group" searchFilter="(ObjectCategory=Group)">
<config:objectClasses>group
<config:ldapEntityTypes name="OrgContainer">
<config:rdnAttributes name="o" objectClass="organization"/>
<config:rdnAttributes name="ou" objectClass="organizationalUnit"/>
<config:rdnAttributes name="dc" objectClass="domain"/>
<config:rdnAttributes name="cn" objectClass="container"/>
<config:objectClasses>organization
<config:objectClasses>organizationalUnit
<config:objectClasses>domain
<config:objectClasses>container
</config:ldapEntityTypes>
<config:ldapEntityTypes name="PersonAccount" searchFilter="(ObjectCategory=User)">
<config:objectClasses>user
</config:ldapEntityTypes>
<config:groupConfiguration>
<config:memberAttributes name="member" objectClass="group" scope="direct"/>
<config:membershipAttribute name="memberof" scope="direct"/>
</config:groupConfiguration>
<config:attributeConfiguration>
<config:attributes defaultAttribute="cn" name="cn">
<config:entityTypes>Group
<config:attributes defaultValue="8" name="groupType">
<config:entityTypes>Group
<config:attributes name="unicodePwd" propertyName="password" syntax="unicodePwd"/>
<config:attributes name="userprincipalname" propertyName="kerberosId">
<config:entityTypes>PersonAccount
答案 0 :(得分:0)
您是否启用了信任关联拦截器?如果是,请执行以下操作:
从全局安全性&gt;中的管理控制台转到WAS配置Web和SIP安全性&gt;一般设置。
然后取消选中复选框&#34;在访问不受保护的URI时使用可用的身份验证数据。&#34;