Hi Hasini,
Here is my user-mgt.xml file
<UserManager>
<Realm>
<Configuration>
<AdminRole>admin</AdminRole>
<AdminUser>
<UserName>bcymet</UserName>
<Password>XXXXXX</Password>
</AdminUser>
<EveryOneRoleName>everyone</EveryOneRoleName> <!-- By
default users in thsi role sees the registry root -->
<ReadOnly>true</ReadOnly>
<MaxUserNameListLength>500</MaxUserNameListLength>
<Property
name="url">jdbc:h2:repository/database/WSO2CARBON_DB</Property>
<Property name="userName">wso2carbon</Property>
<Property name="password">wso2carbon</Property>
<Property name="driverName">org.h2.Driver</Property>
<Property name="maxActive">50</Property>
<Property name="maxWait">60000</Property>
<Property name="minIdle">5</Property>
</Configuration>
<UserStoreManager
class="org.wso2.carbon.user.core.ldap.LDAPUserStoreManager">
<Property name="ReadOnly">true</Property>
<Property name="MaxUserNameListLength">100</Property>
<Property name="ConnectionURL">ldap://localhost:389</Property>
<Property
name="ConnectionName">cn=admin,dc=TESTLDAP,dc=CBN</Property>
<Property name="ConnectionPassword">******</Property>
<Property
name="UserSearchBase">ou=people,dc=TESTLDAP,dc=CBN</Property>
<Property
name="UserNameListFilter">(objectClass=inetOrgPerson)</Property>
<Property name="UserNameAttribute">uid</Property>
<Property name="ReadLDAPGroups">false</Property>
<Property
name="GroupSearchBase">ou=groups,dc=TESTLDAP,dc=CBN</Property>
<Property
name="GroupSearchFilter">(objectClass=groupOfNames)</Property>
<Property name="GroupNameAttribute">cn</Property>
<Property name="MembershipAttribute">member</Property>
</UserStoreManager>
<AuthorizationManager
class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
</AuthorizationManager>
</Realm>
</UserManager>
I followed the directions for the read only setup at first.
I thought that the part in the file:
<AdminRole>admin</AdminRole>
<AdminUser>
<UserName>bcymet</UserName>
<Password>XXXXXX</Password>
</AdminUser>
would give my user permissions that it needed.
I guess I am missing something else.
On 12-01-03 11:23 AM, Hasini Gunasinghe wrote:
> Hi Bram,
>
> In order to login, you need to have login permission as well. (i.e only
> matching user name, password is not sufficient)
>
> In the first time login, you should login as the admin user which you
> specify in the user-mgt.xml. Admin user can then create users, roles and
> assign users to roles and permissions to those roles.
>
> So can you please make sure that you specify the admin user and admin
> role in user-mgt.xml correctly and also the admin user belongs to the
> admin role in the LDAP.
> Also, please make sure that you provided the correct value for the group
> search base property in user-mgt.xml
>
> If you can attach the user-mgt.xml, we might be able to provide more
> insight.
>
> Thanks,
> Hasini.
>
> On Tue, Jan 3, 2012 at 8:45 PM, Bram Cymet <bcy...@cbnco.com
> <mailto:bcy...@cbnco.com>> wrote:
>
> Hi,
>
> I am attempting to setup a wso2 identity server using my existing
> openldap instance as the userstore.
>
> I can see the server connecting to my ldap instance when I attempt to
> log in so I know the ConnectionURL, Name, and Password are correct. I
> can even see the server bind to my ldap instance successfully. However I
> can not log into the identity web interface.
>
> In the logs all I get is:
>
> [2012-01-03 09:55:11,033] WARN
> {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - Failed
> Administrator login attempt 'bcymet[0]' at [2012-01-03 09:55:11,0032]
> from IP address 172.20.22.157
>
> Any idea what might be going on or how I can up the logging to get a
> more detailed message?
>
> Thanks,
>
> --
> Bram Cymet
> Software Developer
> Canadian Bank Note Co. Ltd.
> 613-608-9752
> _______________________________________________
> Carbon-dev mailing list
> Carbon-dev@wso2.org <mailto:Carbon-dev@wso2.org>
> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
>
>
>
>
> _______________________________________________
> Carbon-dev mailing list
> Carbon-dev@wso2.org
> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
--
Bram Cymet
Software Developer
Canadian Bank Note Co. Ltd.
613-608-9752
_______________________________________________
Carbon-dev mailing list
Carbon-dev@wso2.org
http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
