0

我是 wso2 的新手,我正在使用 wso2 Identity Server 对我的项目进行身份验证和授权。但是我在将 ApacheDSUserStoreManager 配置为 wso2 身份服务器中的外部 ldap 用户存储管理器时遇到了问题。请任何人都可以为我提供正确的方法。我的配置如下。

配置文件是

<UserStoreManager class="org.wso2.carbon.user.core.ldap.ApacheDSUserStoreManager">
    <Property name="defaultRealmName">sample.com</Property>
    <Property name="kdcEnabled">false</Property>
    <Property name="ConnectionURL">ldap://localhost:10389</Property> 
    <Property name="ConnectionName">uid=rpurimitla,ou=manage,dc=sample,dc=com</Property>
    <Property name="ConnectionPassword">sample</Property>
    <Property name="passwordHashMethod">SHA</Property>
    <Property name="UserSearchBase">ou=manage,dc=sample,dc=com</Property>
    <Property name="UserEntryObjectClass">inetOrgPerson</Property>
    <Property name="UserNameAttribute">uid</Property>
    <Property name="isADLDSRole">true</Property>
    <Property name="userAccountControl">512</Property>
    <Property name="UserNameListFilter">(objectClass=user)</Property>
    <Property name="UserNameSearchFilter">(&amp;(objectClass=user)(cn=?))</Property>
    <Property name="UsernameJavaRegEx">[a-zA-Z0-9._-]{3,30}$</Property>
    <Property name="UsernameJavaScriptRegEx">^[\\S]{3,30}$</Property>
    <Property name="PasswordJavaScriptRegEx">^[\\S]{5,30}$</Property>
    <Property name="RolenameJavaScriptRegEx">^[\\S]{3,30}$</Property>
    <Property name="RolenameJavaRegEx">[a-zA-Z0-9._-]{3,30}$</Property>
    <Property name="ReadLDAPGroups">true</Property>
    <Property name="WriteLDAPGroups">true</Property>
    <Property name="EmptyRolesAllowed">true</Property>
    <Property name="GroupSearchBase">ou=manage,dc=sample,dc=com</Property>
    <Property name="GroupEntryObjectClass">group</Property>
    <Property name="GroupNameAttribute">cn</Property>
    <Property name="MembershipAttribute">member</Property>
    <Property name="GroupNameListFilter">(objectcategory=group)</Property>
    <Property name="GroupNameSearchFilter">(&amp;(objectClass=group)(cn=?))</Property>
    <Property name="UserRolesCacheEnabled">true</Property>
    <Property name="Referral">follow</Property>
    <Property name="BackLinksEnabled">true</Property>
    </UserStoreManager>

这是我得到的错误

2013-07-26 17:57:47,781] 信息 {org.wso2.carbon.databridge.agent.thrift.AgentHolder} - 代理创建![2013-07-26 17:57:47,859] INFO {org.wso2.carbon.databridge.agent.thrift.internal.AgentDS} - 成功部署代理客户端 [2013-07-26 17:57:48,000] INFO {org .wso2.carbon.identity.authenticator.iwa.ui.internal.Activator} - 系统中启用的集成 Windows Authenticator [2013-07-26 17:57:48,234] INFO {org.wso2.carbon.ldap.server.DirectoryActivator } - 嵌入式 LDAP 被禁用。[2013-07-26 17:57:49,781] 错误 {org.wso2.carbon.user.core.common.DefaultRealm} - 无法创建 org.wso2.carbon.user.core.ldap.ApacheDSUserStoreManager java.lang.ClassNotFoundException: org.wso2.carbon.user.core.ldap.ApacheDSUserStoreManager 在org.eclipse.osgi.internal.loader.BundleLoader.findClassInternal(BundleLoader.java:513) 在 org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:429) 在 org.eclipse.osgi.internal。 loader.BundleLoader.findClass(BundleLoader.java:417) at org.eclipse.osgi.internal.baseadaptor.DefaultClassLoader.loadClass(DefaultClassLoader.java:107) at java.lang.ClassLoader.loadClass(ClassLoader.java:251) at java .lang.ClassLoader.loadClassInternal(ClassLoader.java:319) at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:169) at org.wso2.carbon.user.core .common.DefaultRealm.createObjectWithOptions(DefaultRealm.java:215) 在 org.wso2.carbon.user.core.common.DefaultRealm.initializeObjects(DefaultRealm.java:147) 在 org.wso2.carbon.user.core.common.DefaultRealm .init(DefaultRealm.java:113) 在 org.wso2.carbon.user.core.common.DefaultRealmService.initializeRealm(DefaultRealmService.java:223) 在 org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:103) 在 org. wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:116) 在 org.wso2.carbon.user.core.internal.Activator.startDeploy(Activator.java:67) 在 org.wso2.carbon.user .core.internal.BundleCheckActivator.start(BundleCheckActivator.java:61) at org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:711) at java.security.AccessController.doPrivileged(Native Method )carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:116) at org.wso2.carbon.user.core.internal.Activator.startDeploy(Activator.java:67) at org.wso2.carbon.user.core .internal.BundleCheckActivator.start(BundleCheckActivator.java:61) at org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:711) at java.security.AccessController.doPrivileged(Native Method)carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:116) at org.wso2.carbon.user.core.internal.Activator.startDeploy(Activator.java:67) at org.wso2.carbon.user.core .internal.BundleCheckActivator.start(BundleCheckActivator.java:61) at org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:711) at java.security.AccessController.doPrivileged(Native Method)

==================================================== ===============================

4

1 回答 1

0

如果您使用的是 IS 4.0.0 或更高版本,则 ApacheDSUserStoreManager 类已从这些版本中删除。您需要根据您的版本更改配置。

您需要从您的 user-mgt.xml 中取消注释以下部分并相应地更改配置。

  <!--UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
        <Property name="ConnectionURL">ldap://localhost:10389</Property>
        <Property name="ConnectionName">uid=admin,ou=system</Property>
        <Property name="ConnectionPassword">secret</Property>
        <Property name="passwordHashMethod">PLAIN_TEXT</Property>
        <Property name="UserNameListFilter">(objectClass=person)</Property>
        <Property name="UserEntryObjectClass">inetOrgPerson</Property>
        <Property name="UserSearchBase">ou=system</Property>
        <Property name="UserNameSearchFilter">(&amp;(objectClass=person)(uid=?))</Property>
        <Property name="UserNameAttribute">uid</Property>
        <Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
        <Property name="UsernameJavaScriptRegEx">^[\\S]{3,30}$</Property>
        <Property name="RolenameJavaScriptRegEx">^[\\S]{3,30}$</Property>
        <Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
        <Property name="PasswordJavaScriptRegEx">^[\\S]{5,30}$</Property>
        <Property name="ReadLDAPGroups">true</Property>
        <Property name="WriteLDAPGroups">true</Property>
        <Property name="EmptyRolesAllowed">false</Property>
        <Property name="GroupSearchBase">ou=system</Property>
        <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
        <Property name="GroupEntryObjectClass">groupOfNames</Property>
        <Property name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
        <Property name="GroupNameAttribute">cn</Property>
        <Property name="MembershipAttribute">member</Property>
        <Property name="UserRolesCacheEnabled">true</Property>
        <Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
        <Property name="maxFailedLoginAttempt">0</Property>
    </UserStoreManager-->

以下链接 [1] 中有一个相关问题。

[1] WSO2 身份服务器外部 LDAP 抛出 OID 身份的 OBJECT_CLASS 不存在

希望这会有所帮助。

于 2013-11-06T04:47:36.570 回答