我目前正在尝试将WSO2数据服务服务器与我公司的LDAP服务器集成 . 我已经密切关注DSS管理指南中的步骤:http://wso2.org/project/data-services/2.6.3/docs/user-core/admin_guide.html#LDAP在以下部分:5 . 如何配置外部LDAP用户存储/ Active Directory用户存储
经过一些故障排除后,我可以使用LDAP设置启动DSS服务器
CARBON_HOME \库\的conf \用户mgt.xml
但是,当我尝试通过管理页面登录时@
https://localhost:9443/carbon/admin/login.jsp
使用我的LDAP用户ID和密码,我无法成功登录 .
CARBON_HOME \ repository \ logs \ wso2carbon.log中的错误消息:
WARN - 失败的管理员登录尝试'userID [0]'在[2012-05-16 11:33:49,0720]从IP地址127.0.0.1
以下是我的配置文件:
<UserManager>
<Realm>
<Configuration>
<AdminRole>admin</AdminRole>
<AdminUser>
<UserName>userID</UserName>
<Password>XXXXXX</Password>
</AdminUser>
<EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in this role sees the registry root -->
<Property name="url">jdbc:h2:repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE</Property>
<Property name="userName">wso2carbon</Property>
<Property name="password">wso2carbon</Property>
<Property name="driverName">org.h2.Driver</Property>
<Property name="maxActive">50</Property>
<Property name="maxWait">60000</Property>
<Property name="minIdle">5</Property>
</Configuration>
<!-- If product is using an external LDAP as the user store in read only mode, use following user manager -->
<UserStoreManager class="org.wso2.carbon.user.core.ldap.LDAPUserStoreManager">
<Property name="ReadOnly">true</Property>
<Property name="MaxUserNameListLength">100</Property>
<Property name="ConnectionURL">ldap://ldap.xx.xx.xx:389</Property>
<Property name="ConnectionName">cn=ssssss,OU=YYYYYY,dc=aa,dc=bb,dc=cc</Property>
<Property name="ConnectionPassword">pppppp</Property>
<Property name="UserSearchBase">DC=aa,DC=bb,DC=cc</Property>
<Property name="UserNameListFilter">(objectClass=user)</Property>
<Property name="UserNameAttribute">cn</Property>
<Property name="ReadLDAPGroups">false</Property>
<Property name="GroupSearchBase">ou=system</Property>
<Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
<Property name="GroupNameAttribute">cn</Property>
<Property name="MembershipAttribute">member</Property>
<Property name="UserRolesCacheEnabled">true</Property>
<Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
</UserStoreManager>
<AuthorizationManager
class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
<Property name="AdminRoleManagementPermissions">/permission</Property>
<!-- Uncommenting the following element will enable the periodically running permission update task.
It is disabled by default. -->
<!-- <Property name="UpdatePermissionTreePeriodically">true</Property> -->
</AuthorizationManager>
</Realm>
</UserManager>
我也提到了这个链接:http://wso2.org/library/knowledge-base/import-ldap-users-carbon-based-products关于"How to Import LDAP Users to WSO2 Carbon Based Products"但它似乎不适用于DSS,因为它在用户管理页面中没有选项"Add External User Store" .
对于我做错了什么,我将不胜感激 . 我使用的是wso2dataservices-2.6.3 .
谢谢!
1 回答
您是否尝试以管理员用户身份登录 - 这是作为user-mgt.xml的顶部或LDAP中的任何其他用户提到的?
如果您尝试以非管理员用户身份登录,则需要先以admin用户身份登录,并为每个角色启用登录权限 .
您提供的第二个参考不适用于当前版本的产品 .
谢谢,哈西尼 .