启动 WSO2 Identity Server 4.1.0 时出现以下错误:
[2013-02-27 17:00:33,192] ERROR {org.wso2.carbon.identity.mgt.IdentityMgtEventListener} - Error while init identity listener
org.wso2.carbon.user.core.UserStoreException: User store is operating in read only mode. Cannot write into the user store.
at org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager.doSetUserClaimValue(ReadOnlyLDAPUserStoreManager.java:1293)
at org.wso2.carbon.user.core.common.AbstractUserStoreManager.setUserClaimValue(AbstractUserStoreManager.java:823)
at org.wso2.carbon.identity.mgt.IdentityMgtEventListener.<init>(IdentityMgtEventListener.java:68)
at org.wso2.carbon.identity.mgt.internal.IdentityMgtServiceComponent.activate(IdentityMgtServiceComponent.java:89)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
...
这意味着 WSO2 正在尝试写入 ldap,但我已将其配置为只读:
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager">
<Property name="ReadOnly">true</Property>
<Property name="MaxUserNameListLength">100</Property>
<Property name="ConnectionURL">ldaps://xxxx:636</Property>
<Property name="ConnectionName">uid=xxx,ou=xx,dc=xx,dc=xx,dc=x</Property>
<Property name="ConnectionPassword">xxxxxx</Property>
<Property name="passwordHashMethod">SHA</Property>
<Property name="UserSearchBase">ou=xx,dc=x,dc=xx,dc=xx</Property>
<Property name="UserNameListFilter">(objectClass=person)</Property>
<Property name="UserNameAttribute">uid</Property>
<Property name="ReadLDAPGroups">true</Property>
<Property name="GroupSearchBase">ou=xx,dc=xx,dc=xx,dc=xx</Property>
<Property name="GroupNameListFilter">(objectClass=posixGroup)</Property>
<Property name="GroupNameAttribute">cn</Property>
<Property name="MembershipAttribute">memberUid</Property>
<Property name="UserRolesCacheEnabled">true</Property>
<Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
<Property name="maxFailedLoginAttempt">0</Property>
</UserStoreManager>
我错过了什么吗?