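Hi, I am using WSO2 IS as KM and APIM 3.1.0.
I want to create a custom attribute finder in WSO2 Identity Server. I followed this link: https://is.docs.wso2.com/en/5.9.0/develop/writing-a-custom-policy-info-point/
But in the end, I cannot see the custom attribute finder in WSO2 Identity Server under the PDP extension view.
I have included the following data source in entitlement.properties: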
DataSourceName=jdbc/testuserstore
The init method in KmarketJDBCAttributeFinder is as follows:
@Override
public void init(Properties properties) throws Exception {
    String dataSourceName = (String) properties.get("DataSourceName");
    if (dataSourceName == null || dataSourceName.trim().length() == 0) {
        throw new Exception("Data source name can not be null. Please configure it in the entitlement.properties file.");
    }
    dataSource = (DataSource) InitialContext.doLookup(dataSourceName);
................
...............
And I have included the following configuration in the Deployment.toml file:
[server]
hostname = "10.57.8.4"
node_ip = "10.57.8.4"
base_path = "https://$ref{server.hostname}:${carbon.management.port}"
serverDetails = "WSO2 IS as KM 5.10.0"
mode = "single"
userAgent = "WSO2 IS as KM 5.10.0"
[super_admin]
username = "admin"
password = "admin"
create_admin_account = true
[user_store]
type = "database_unique_id"
[database.apim_db]
type = "postgre"
url = "jdbc:postgresql://10.57.8.45:5432/wso2apimdb"
username = "wso2apim"
password = "password"
driver = "org.postgresql.Driver"
validationQuery = "SELECT 1"
[database.shared_db]
type = "postgre"
url = "jdbc:postgresql://10.57.8.45:5432/wso2shareddb"
username = "wso2shared"
password = "password"
driver = "org.postgresql.Driver"
validationQuery = "SELECT 1"
[[apim.gateway.environment]]
name = "Production and Sandbox"
type = "hybrid"
description = "This is a hybrid gateway that handles both production and sandbox token traffic."
service_url = "https://10.57.8.46:${mgt.transport.https.port}/services/"
username= "${admin.username}"
password= "${admin.password}"
[keystore.primary]
file_name = "idserver.jks"
password = "password"
alias = "idserver"
key_password = "password"
[admin_service.wsdl]
enable= true
[[datasource]]
id = "testuserstore"
#type = "postgre"
url = "jdbc:postgresql://10.57.8.45:5432/testuserstore"
username = "testuser"
password = "password"
#driver = "org.postgresql.Driver"
#validationQuery = "SELECT 1"
[[xacml.pip.attribute_designator]]
class = "org.xacmlinfo.xacml.pip.jdbc.KMarketJDBCAttributeFinder"
[xacml.pip.attribute_designator.properties]
DataSourceName = "jdbc/testuserstore"
[[event_listener]]
id = "mutual_tls_authenticator"
type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler"
name = "org.wso2.carbon.identity.oauth2.token.handler.clientauth.mutualtls.MutualTLSClientAuthenticator"
order = "158"
enable = false
[[apim.throttling.url_group]]
traffic_manager_urls=["tcp://10.57.8.46:9611"]
traffic_manager_auth_urls=["ssl://10.57.8.46:9711"]
type = "loadbalance"
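testuserstore is a database created in the PostgreSQL DB. I have created the tables in the database as mentioned in the link. I have also included the postgres JDBC driver and org.xacmlinfo.xacml.pip.jdbc-1.0.0.jar in /repository/components/lib. I am building the jar file with JDK 8.
Please let me know where the problem is.
Answer 0 (score: 0):
You can use the following configuration to register the custom attribute finder.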
[identity.entitlement.policy_point.pip]
attribute_designators = [
"org.wso2.carbon.identity.entitlement.pip.DefaultAttributeFinder",
"org.wso2.carbon.identity.application.authz.xacml.pip.AuthenticationContextAttributePIP",
"org.xacmlinfo.xacml.pip.jdbc.KMarketJDBCAttributeFinder"
]
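Raised a public jira against the product documentation to update the documentation accordingly.
The required data source should be defined as a property of the custom attribute finder. Due to a limitation in the product, the extension package name should be in the following format:
org.wso2.carbon.identity.entitlement.{{extension.name}}
At https://github.com/wso2/product-is/issues/8450.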
As an alternative to get the sample working, you can do it in one of the following ways. Option 2 is not recommended, since the configuration template files should not be modified.
Option 1:
org.wso2.carbon.identity.entitlement.KMarketJDBCAttributeFinder
[identity.entitlement.policy_point.pip]
attribute_designators = [
"org.wso2.carbon.identity.entitlement.pip.DefaultAttributeFinder",
"org.wso2.carbon.identity.application.authz.xacml.pip.AuthenticationContextAttributePIP",
"org.wso2.carbon.identity.entitlement.KMarketJDBCAttributeFinder"
]
[[identity.entitlement.extension]]
name="KMarketJDBCAttributeFinder"
[identity.entitlement.extension.properties]
DataSourceName = "jdbc/KMARKETUSERDB"
Option 2: This way, you can use any package name for the custom attribute finder.
{% if identity.entitlement.extension is defined %}
{% for extension in identity.entitlement.extension %}
{% for key,value in extension.properties.items() %}
{{extension.name}}.{{loop.index}}={{key}},{{value}}
{% endfor %}
{% endfor %}
{% endif %}
[identity.entitlement.policy_point.pip]
attribute_designators = [
"org.wso2.carbon.identity.entitlement.pip.DefaultAttributeFinder",
"org.wso2.carbon.identity.application.authz.xacml.pip.AuthenticationContextAttributePIP",
"org.xacmlinfo.xacml.pip.jdbc.KMarketJDBCAttributeFinder"
]
[[identity.entitlement.extension]]
name="org.xacmlinfo.xacml.pip.jdbc.KMarketJDBCAttributeFinder"
[identity.entitlement.extension.properties]
DataSourceName = "jdbc/KMARKETUSERDB"
Thanks
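The naming constraint behind Option 1 and Option 2, as an added example that is not part of the original answer and is not WSO2 code: it emulates the template loop quoted in Option 2 and reports which registered finder classes would reach init() without a DataSourceName. It assumes the unmodified template prefixes each extension name with org.wso2.carbon.identity.entitlement. (inferred from the format given in the answer) and that a finder only receives properties keyed by its own class name; all function names are hypothetical.

```python
# Added example, not WSO2 code. DEFAULT_PREFIX is an assumption inferred from
# the answer's package-name format; the loop mirrors the Option 2 template.
DEFAULT_PREFIX = "org.wso2.carbon.identity.entitlement."

def render_extension_lines(extensions, prefix=DEFAULT_PREFIX):
    """Emit '<prefix><name>.<n>=<key>,<value>' for every extension property."""
    lines = []
    for ext in extensions:
        # loop.index in the template is the 1-based index of the inner loop.
        for n, (key, value) in enumerate(ext["properties"].items(), start=1):
            lines.append(f"{prefix}{ext['name']}.{n}={key},{value}")
    return lines

def properties_for(class_name, lines):
    """Collect the properties whose key is exactly '<class_name>.<n>'."""
    props = {}
    for line in lines:
        key, _, rhs = line.partition("=")
        owner, _, index = key.rpartition(".")
        if owner == class_name and index.isdigit():
            name, _, value = rhs.partition(",")
            props[name] = value
    return props

def finders_missing(designators, extensions, required, prefix=DEFAULT_PREFIX):
    """Return registered finder classes that would not receive `required`."""
    lines = render_extension_lines(extensions, prefix)
    return [c for c in designators if required not in properties_for(c, lines)]

# Constructed inputs using the class and data source names from the answer.
KM_SHORT = "KMarketJDBCAttributeFinder"
KM_CUSTOM = "org.xacmlinfo.xacml.pip.jdbc." + KM_SHORT
PROPS = {"DataSourceName": "jdbc/KMARKETUSERDB"}

def scenarios():
    ext_short = [{"name": KM_SHORT, "properties": PROPS}]
    ext_full = [{"name": KM_CUSTOM, "properties": PROPS}]
    # Option 1: class moved into the prefixed package, short extension name.
    opt1 = finders_missing([DEFAULT_PREFIX + KM_SHORT], ext_short, "DataSourceName")
    # Option 2: template edited to drop the prefix, full class name as extension name.
    opt2 = finders_missing([KM_CUSTOM], ext_full, "DataSourceName", prefix="")
    # Custom package name kept while the prefixing template is still in use.
    mixed = finders_missing([KM_CUSTOM], ext_full, "DataSourceName")
    return opt1, opt2, mixed

if __name__ == "__main__":
    print(scenarios())
```

A class listed in the third result is one whose init() would throw the "Data source name can not be null" exception shown in the question.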