
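I am currently trying to integrate WSO2 Data Services Server with my company's LDAP server. I have closely followed the steps in the DSS admin guide: http://wso2.org/project/data-services/2.6.3/docs/user-core/admin_guide.html#LDAP under the section: 5. How to configure an External LDAP User Store/Active Directory User Store

After some troubleshooting, I was able to start the DSS server with the LDAP settings in CARBON_HOME\repository\conf\user-mgt.xml

However, when I try to log in through the admin page @

https://localhost:9443/carbon/admin/login.jsp

using my LDAP user ID and password, I cannot log in successfully.

Error message in CARBON_HOME\repository\logs\wso2carbon.log:

WARN {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - Failed Administrator login attempt 'userID[0]' at [2012-05-16 11:33:49,0720] from IP address 127.0.0.1 {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil}

Below is my configuration file: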

<UserManager>
    <Realm>
        <Configuration>
            <AdminRole>admin</AdminRole>
            <AdminUser>
                <UserName>userID</UserName>
                <Password>XXXXXX</Password>
            </AdminUser>
            <EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in this role sees the registry root -->
            <Property name="url">jdbc:h2:repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE</Property>
            <Property name="userName">wso2carbon</Property>
            <Property name="password">wso2carbon</Property>
            <Property name="driverName">org.h2.Driver</Property>
            <Property name="maxActive">50</Property>
            <Property name="maxWait">60000</Property>
            <Property name="minIdle">5</Property>
        </Configuration>
        <!-- If product is using an external LDAP as the user store in read only mode, use following user manager -->
        <UserStoreManager class="org.wso2.carbon.user.core.ldap.LDAPUserStoreManager">
            <Property name="ReadOnly">true</Property>
            <Property name="MaxUserNameListLength">100</Property>
            <Property name="ConnectionURL">ldap://ldap.xx.xx.xx:389</Property>
            <Property name="ConnectionName">cn=ssssss,OU=YYYYYY,dc=aa,dc=bb,dc=cc</Property>
            <Property name="ConnectionPassword">pppppp</Property>
            <Property name="UserSearchBase">DC=aa,DC=bb,DC=cc</Property>
            <Property name="UserNameListFilter">(objectClass=user)</Property>
            <Property name="UserNameAttribute">cn</Property>
            <Property name="ReadLDAPGroups">false</Property>
            <Property name="GroupSearchBase">ou=system</Property>
            <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
            <Property name="GroupNameAttribute">cn</Property>
            <Property name="MembershipAttribute">member</Property>
            <Property name="UserRolesCacheEnabled">true</Property>
            <Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
        </UserStoreManager>
        <AuthorizationManager
            class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
            <Property name="AdminRoleManagementPermissions">/permission</Property>
            <!-- Uncommenting the following element will enable the periodically running permission update task.
             It is disabled by default. -->
            <!-- <Property name="UpdatePermissionTreePeriodically">true</Property> -->
        </AuthorizationManager>
    </Realm>
</UserManager>

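I also referred to this link: http://wso2.org/library/knowledge-base/import-ldap-users-carbon-based-products on "How to import LDAP users into WSO2 Carbon-based products", but it doesn't seem to apply to DSS, since it has no "Add External User Store" option in the user management page.

I would appreciate any advice on what I am doing wrong. I am using wso2dataservices-2.6.3.

Thanks!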


1 Answer


Are you trying to log in as the admin user, which is mentioned at the top of the user-mgt.xml, or as any other user in the LDAP?

If you are trying to log in as a non-admin user, you need to first log in as the admin user and enable login permission for the everyone role.

The second reference you have provided doesn't apply to the current versions of the products.

Thanks, Hasini.

Answered 2012-05-19T15:21:27.710
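To see which identity the answer's first question refers to, and what else the posted user-mgt.xml exposes, the file can be reviewed with a short script. This is an added example, not part of the original post or of WSO2's code; the `review` function, the trimmed sample and the way the lookup filter is assembled from `UserNameListFilter` and `UserNameAttribute` are assumptions for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed copy of the user-mgt.xml posted in the question.
SAMPLE = """<UserManager><Realm>
  <Configuration>
    <AdminRole>admin</AdminRole>
    <AdminUser><UserName>userID</UserName><Password>XXXXXX</Password></AdminUser>
    <EveryOneRoleName>everyone</EveryOneRoleName>
    <Property name="userName">wso2carbon</Property>
    <Property name="password">wso2carbon</Property>
  </Configuration>
  <UserStoreManager class="org.wso2.carbon.user.core.ldap.LDAPUserStoreManager">
    <Property name="ConnectionURL">ldap://ldap.xx.xx.xx:389</Property>
    <Property name="ConnectionPassword">pppppp</Property>
    <Property name="UserNameListFilter">(objectClass=user)</Property>
    <Property name="UserNameAttribute">cn</Property>
  </UserStoreManager>
</Realm></UserManager>"""

def props(elem):
    """Map <Property name="..."> children to their text values."""
    return {p.get("name"): (p.text or "").strip() for p in elem.findall("Property")}

def review(xml_text):
    """Report the admin identity, the assumed LDAP lookup filter, and risky settings."""
    realm = ET.fromstring(xml_text).find("Realm")
    conf, store = realm.find("Configuration"), realm.find("UserStoreManager")
    db, ldap = props(conf), props(store)
    admin = conf.findtext("AdminUser/UserName", "").strip()
    report = {
        "admin_user": admin,
        "everyone_role": conf.findtext("EveryOneRoleName", "").strip(),
        # Assumption: a login name is looked up by AND-ing the list filter with attribute=name.
        "admin_lookup": "(&%s(%s=%s))" % (ldap.get("UserNameListFilter", ""),
                                          ldap.get("UserNameAttribute", ""), admin),
        "findings": [],
    }
    if ldap.get("ConnectionURL", "").lower().startswith("ldap://"):
        report["findings"].append("plain ldap:// URL: without StartTLS, bind passwords are sent unencrypted")
    if db.get("userName") == db.get("password") == "wso2carbon":
        report["findings"].append("database still uses the wso2carbon/wso2carbon credentials")
    if ldap.get("ConnectionPassword") or conf.findtext("AdminUser/Password"):
        report["findings"].append("clear-text passwords in user-mgt.xml: restrict file permissions")
    return report

if __name__ == "__main__":
    for key, value in review(SAMPLE).items():
        print(key, "=", value)
```

If the `admin_lookup` filter matches no entry under the configured search base when run by hand with an LDAP client, the configured admin user cannot be found in the directory by that attribute.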