
WSO2 Identity Server email authentication


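We are using WSO2 Identity Server 5.0 with SP1.

We have enabled email authentication following this guide, and that worked.

But now we cannot edit email addresses, with return code 500 (backend and backend).

Are we missing some configuration that is not mentioned in the documentation? We have run out of ideas.

Thanks for helping us :)

Our user-mgt.xml: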

<UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
    <Property name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
    <Property name="defaultRealmName">WSO2.ORG</Property>
    <Property name="kdcEnabled">false</Property>
    <Property name="Disabled">false</Property>                                   
    <Property name="ConnectionURL">ldap://localhost:${Ports.EmbeddedLDAP.LDAPServerPort}</Property>
    <Property name="ConnectionName">uid=admin,ou=system</Property>
    <Property name="ConnectionPassword">admin</Property>
    <Property name="passwordHashMethod">SHA</Property>
    <Property name="UserNameListFilter">(&amp;(objectClass=identityPerson)(mail=*))</Property>
    <Property name="UserEntryObjectClass">identityPerson</Property>
    <Property name="UserSearchBase">ou=Users,dc=wso2,dc=org</Property>
    <Property name="UserNameSearchFilter">(&amp;(objectClass=identityPerson)(mail=?))</Property>
    <Property name="UserNameAttribute">mail</Property>
    <Property name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
    <Property name="ServicePasswordJavaRegEx">^[\\S]{5,30}$</Property>
    <Property name="ServiceNameJavaRegEx">^[\\S]{2,30}/[\\S]{2,30}$</Property>
    <Property name="UsernameJavaScriptRegEx">^[\S]{3,30}$</Property>
    <Property name="UsernameJavaRegEx">^[_A-Za-z0-9-\+]+(\.[_A-Za-z0-9-]+)*@[A-Za-z0-9-]+(\.[A-Za-z0-9]+)*(\.[A-Za-z]{2,})$</Property>
    <Property name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
    <Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
    <Property name="ReadGroups">true</Property>
    <Property name="WriteGroups">true</Property>
    <Property name="EmptyRolesAllowed">true</Property>
    <Property name="GroupSearchBase">ou=Groups,dc=wso2,dc=org</Property>
    <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
    <Property name="GroupEntryObjectClass">groupOfNames</Property>
    <Property name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
    <Property name="GroupNameAttribute">cn</Property>
    <Property name="SharedGroupNameAttribute">cn</Property>
    <Property name="SharedGroupSearchBase">ou=SharedGroups,dc=wso2,dc=org</Property>
    <Property name="SharedGroupEntryObjectClass">groupOfNames</Property>
    <Property name="SharedGroupNameListFilter">(objectClass=groupOfNames)</Property>
    <Property name="SharedGroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
    <Property name="SharedTenantNameListFilter">(objectClass=organizationalUnit)</Property>
    <Property name="SharedTenantNameAttribute">ou</Property>
    <Property name="SharedTenantObjectClass">organizationalUnit</Property>
    <Property name="MembershipAttribute">member</Property>
    <Property name="UserRolesCacheEnabled">true</Property>
    <Property name="SCIMEnabled">true</Property>
    <Property name="MaxRoleNameListLength">100</Property>
    <Property name="MaxUserNameListLength">100</Property>
</UserStoreManager>

SCIM error:

{"Errors":[{"description":"Error while updating user attributes: customer@wso2.com","code":"500"}]}

2 Answers

  • 0

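    It seems some configuration is missing from the documentation; you also need to add the following property to the user store configuration. The other configuration seems fine. You can also find more details about enabling email usernames here.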

    <Property name="UsernameWithEmailJavaScriptRegEx">[a-zA-Z0-9@._-|//]{3,30}$</Property>

    Also, WSO2 IS errors are logged in the /repository/logs/wso2carbon.log file. It is best to check it to find the actual exception.

  • -1

    Thanks for your answer. We added the missing property. Our configuration seems to be the same as described in the blog. In /repository/logs/wso2carbon.log we found the following errors.

    Object : 'mail=customer@wso2.com,ou=Users,dc=wso2,dc=org'
            Modification[0]
                Operation :  replace
                Modification
    mobile: (null)
            Modification[1]
                Operation :  replace
                Modification
    url: (null)
            Modification[2]
                Operation :  replace
                Modification
    givenName: John
            Modification[3]
                Operation :  replace
                Modification
    country: (null)
            Modification[4]
                Operation :  replace
                Modification
    sn: Doe
            Modification[5]
                Operation :  replace
                Modification
    telephoneNumber: (null)
            Modification[6]
                Operation :  replace
                Modification
    organizationName: (null)
            Modification[7]
                Operation :  replace
                Modification
    mail: customer2@wso2.com
            Modification[8]
                Operation :  replace
                Modification
    im: (null)
            Modification[9]
                Operation :  replace
                Modification
    streetAddress: (null)
    : ERR_62 Entry mail=customer@wso2.com,ou=Users,dc=wso2,dc=org does not have the mail attributeType, which is part of the RDN";]; remaining name 'mail=customer@wso2.com'
        at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3098)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820)
        at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1391)
        at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:235)
        at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:147)
        at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:136)
        at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doSetUserClaimValues(ReadWriteLDAPUserStoreManager.java:871)
        ... 121 more
    TID: [0] [IS] [2015-06-04 10:48:39,046] ERROR {org.wso2.carbon.identity.user.profile.ui.client.UserProfileCient} -  org.apache.axis2.AxisFault: Profile information could not be updated in ApacheDS LDAP user store {org.wso2.carbon.identity.user.profile.ui.client.UserProfileCient}
    TID: [0] [IS] [2015-06-04 11:11:29,749] ERROR {org.apache.directory.server.core.schema.SchemaInterceptor} -  ERR_62 Entry mail=customer@wso2.com,ou=Users,dc=wso2,dc=org does not have the mail attributeType, which is part of the RDN"; {org.apache.directory.server.core.schema.SchemaInterceptor}
    TID: [0] [IS] [2015-06-04 11:11:29,749] ERROR {org.apache.directory.server.core.schema.SchemaInterceptor} -  ERR_62 Entry mail=customer@wso2.com,ou=Users,dc=wso2,dc=org does not have the mail attributeType, which is part of the RDN"; {org.apache.directory.server.core.schema.SchemaInterceptor}
    TID: [0] [IS] [2015-06-04 11:11:29,750] ERROR {org.apache.axis2.rpc.receivers.RPCInOnlyMessageReceiver} -  Profile information could not be updated in ApacheDS LDAP user store {org.apache.axis2.rpc.receivers.RPCInOnlyMessageReceiver}
    org.wso2.carbon.identity.user.profile.mgt.UserProfileException: Profile information could not be updated in ApacheDS LDAP user store
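
The ERR_62 in the log above is the directory refusing a modify that replaces `mail`, the attribute the entry's DN is built from, with a different value; changing a naming attribute takes a rename (ModifyDN), not an attribute replace. The following added example (not from the original posts or from WSO2) parses such a modification dump and flags the offending operation; the function names and the shortened sample log are constructed for illustration.

```python
import re

# Constructed sample: a shortened copy of the modification dump quoted above.
SAMPLE_LOG = """\
Object : 'mail=customer@wso2.com,ou=Users,dc=wso2,dc=org'
        Modification[0]
            Operation :  replace
            Modification
givenName: John
        Modification[1]
            Operation :  replace
            Modification
mail: customer2@wso2.com
"""

OBJECT_RE = re.compile(r"Object\s*:\s*'([^']+)'")
OP_RE = re.compile(r"Operation\s*:\s*(\w+)")
ATTR_RE = re.compile(r"^\s*([A-Za-z][\w;-]*):\s*(.*)$")

def parse_dump(text):
    """Return (entry_dn, [(operation, attribute, value), ...])."""
    dn, mods, op = None, [], None
    for line in text.splitlines():
        if m := OBJECT_RE.search(line):
            dn = m.group(1)
        elif m := OP_RE.search(line):
            op = m.group(1).lower()
        elif op and (m := ATTR_RE.match(line)):
            mods.append((op, m.group(1), m.group(2).strip()))
            op = None
    return dn, mods

def rdn_pairs(dn):
    """Attribute/value pairs of the leftmost RDN (multi-valued RDNs included)."""
    first = re.split(r"(?<!\\),", dn, maxsplit=1)[0]
    pairs = {}
    for part in re.split(r"(?<!\\)\+", first):
        attr, _, value = part.partition("=")
        pairs[attr.strip().lower()] = value.strip()
    return pairs

def rdn_violations(text):
    """Replace operations that would drop the value the entry is named by."""
    dn, mods = parse_dump(text)
    rdn = rdn_pairs(dn) if dn else {}
    # Values compared case-insensitively (assumption: fits mail, not every attribute).
    return [(attr, rdn[attr.lower()], value) for op, attr, value in mods
            if op == "replace" and attr.lower() in rdn
            and value.lower() != rdn[attr.lower()].lower()]
```

Run over the sample, `rdn_violations(SAMPLE_LOG)` reports only the `mail` replace; the `givenName` change in the same request is unaffected by the RDN rule.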
    
