Hi,
I am working on ES migration to 2.1.0. The current store is
wso2es-1.2.0-SNAPSHOT.
I am unable to log in with the wso2 OT credentials if I use the following LDAP
configuration [1]. Comparing the user-mgt.xml files in
wso2es-1.2.0-SNAPSHOT [2] and wso2es-2.1.0-beta2 [1], I found that
some attributes are newly added [3] and some are removed [4].
wso2es-1.2.0-SNAPSHOT contains -
org.wso2.carbon.user.core_4.3.0.SNAPSHOT.jar
wso2es-2.1.0-beta2 contains - org.wso2.carbon.user.core_4.4.7.jar
Can anyone help me to fix this?
[1]
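<!-- user-mgt.xml as posted for wso2es-2.1.0-beta2 (listing [1] of the message).
     Defines the realm: bootstrap admin account, a read-only LDAP user store,
     and a JDBC authorization manager. -->
<UserManager>
    <Realm>
        <Configuration>
            <!-- NOTE(review): the user store below is read-only, so the server presumably
                 cannot create this account in the directory; the AdminUser would have to
                 exist there already. Confirm against the product documentation. -->
            <AddAdmin>true</AddAdmin>
            <AdminRole>admin</AdminRole>
            <!-- Credential values are redacted in the post. In a deployed file this password
                 is stored in clear text: restrict read access to the server account, or
                 encrypt it with the product's secret store (WSO2 Secure Vault). -->
            <AdminUser>
                <UserName>[email protected]</UserName>
                <Password>xxxxxxxxxxx</Password>
            </AdminUser>
            <EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default, users in this role see the registry root -->
            <Property name="isCascadeDeleteEnabled">true</Property>
            <Property name="dataSource">jdbc/WSO2CarbonDB</Property>
        </Configuration>
        <UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager">
            <Property name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
            <!-- ldap:// on port 389 is unencrypted: the bind DN, ConnectionPassword and any
                 credentials checked against the directory cross the network in clear text.
                 Prefer ldaps:// (directory CA imported into the server truststore) where the
                 directory offers it. -->
            <Property name="ConnectionURL">ldap://192.168.8.24:389</Property>
            <!-- Service account used for searches; it needs read access only. -->
            <Property name="ConnectionName">uid=internalapps.wso2.com,ou=user,dc=ldap,dc=wso2,dc=org</Property>
            <!-- Redacted in the post; same clear-text storage concern as the admin password. -->
            <Property name="ConnectionPassword">xxxxxxxxxxx</Property>
            <Property name="UserSearchBase">ou=user,dc=ldap,dc=wso2,dc=org</Property>
            <!-- Users are identified by their mail attribute, so login names contain '@'. -->
            <Property name="UserNameAttribute">mail</Property>
            <!-- '&' must be written as the entity &amp; inside XML text; a bare '&' makes
                 the file not well-formed. '?' is the placeholder for the supplied name. -->
            <Property name="UserNameSearchFilter">(&amp;(objectClass=inetOrgPerson)(mail=?))</Property>
            <Property name="UserNameListFilter">(objectClass=inetOrgPerson)</Property>
            <Property name="DisplayNameAttribute"/>
            <Property name="ReadGroups">true</Property>
            <Property name="GroupSearchBase">ou=group,dc=ldap,dc=wso2,dc=org</Property>
            <Property name="GroupNameAttribute">cn</Property>
            <Property name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
            <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
            <Property name="MembershipAttribute">member</Property>
            <Property name="BackLinksEnabled">false</Property>
            <!-- NOTE(review): UserNameAttribute is mail, but this character class contains no
                 '@' (inside the brackets `_-|` is a range, not three literals). If the pattern
                 is enforced on login names as a full match, e-mail style names fail it.
                 Confirm how user core 4.4.7 applies it. -->
            <Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
            <Property name="PasswordJavaRegEx">^[\S]{5,30}$</Property>
            <Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
            <Property name="SCIMEnabled">false</Property>
            <!-- MD5 is not an acceptable password hash. NOTE(review): with a read-only LDAP
                 store the directory holds the passwords, so this value may be unused; confirm
                 before relying on it. -->
            <Property name="PasswordHashMethod">MD5</Property>
            <Property name="MultiAttributeSeparator">,</Property>
            <Property name="MaxUserNameListLength">100</Property>
            <Property name="MaxRoleNameListLength">100</Property>
            <Property name="UserRolesCacheEnabled">true</Property>
            <Property name="ConnectionPoolingEnabled">true</Property>
            <Property name="LDAPConnectionTimeout">5000</Property>
            <!-- Left empty in the post. -->
            <Property name="ReadTimeout"/>
            <Property name="RetryAttempts"/>
            <Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
        </UserStoreManager>
        <AuthorizationManager class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
            <Property name="AdminRoleManagementPermissions">/permission</Property>
            <Property name="AuthorizationCacheEnabled">true</Property>
            <Property name="GetAllRolesOfUserEnabled">false</Property>
        </AuthorizationManager>
    </Realm>
</UserManager>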
[2]
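<!-- user-mgt.xml as posted for wso2es-1.2.0-SNAPSHOT (listing [2] of the message):
     the configuration currently in use, before the migration. -->
<UserManager>
    <Realm>
        <Configuration>
            <AddAdmin>true</AddAdmin>
            <AdminRole>admin</AdminRole>
            <!-- Credential values are redacted in the post. In a deployed file this password
                 is stored in clear text: restrict read access to the server account, or
                 encrypt it with the product's secret store (WSO2 Secure Vault). -->
            <AdminUser>
                <UserName>[email protected]</UserName>
                <Password>xxxxxxxxxxx</Password>
            </AdminUser>
            <EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default, users in this role see the registry root -->
            <Property name="dataSource">jdbc/WSO2CarbonDB</Property>
        </Configuration>
        <UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager">
            <Property name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
            <Property name="ReadOnly">true</Property>
            <Property name="Disabled">false</Property>
            <!-- MaxUserNameListLength is declared twice in this file (again near the end). -->
            <Property name="MaxUserNameListLength">100</Property>
            <!-- ldap:// on port 389 is unencrypted: the bind DN, ConnectionPassword and any
                 credentials checked against the directory cross the network in clear text.
                 This file targets ldapmirror.wso2.org with bind DN uid=connectorstoreuser,
                 whereas listing [1] of the message uses 192.168.8.24 and
                 uid=internalapps.wso2.com, so the two files differ in more than the
                 added and removed properties. -->
            <Property name="ConnectionURL">ldap://ldapmirror.wso2.org:389</Property>
            <Property name="ConnectionName">uid=connectorstoreuser,ou=user,dc=ldap,dc=wso2,dc=org</Property>
            <!-- Redacted in the post; same clear-text storage concern as the admin password. -->
            <Property name="ConnectionPassword">yyyyy</Property>
            <!-- MD5 is not an acceptable password hash. The property name starts with a
                 lower-case 'p' here but is spelled PasswordHashMethod in listing [1].
                 NOTE(review): with a read-only LDAP store this value may be unused; confirm. -->
            <Property name="passwordHashMethod">MD5</Property>
            <Property name="UserSearchBase">ou=user,dc=ldap,dc=wso2,dc=org</Property>
            <Property name="UserNameListFilter">(objectClass=inetOrgPerson)</Property>
            <!-- '&' must be written as the entity &amp; inside XML text; a bare '&' makes
                 the file not well-formed. '?' is the placeholder for the supplied name. -->
            <Property name="UserNameSearchFilter">(&amp;(objectClass=inetOrgPerson)(mail=?))</Property>
            <Property name="UserNameAttribute">mail</Property>
            <Property name="ReadGroups">true</Property>
            <!-- Groups are searched under ou=user here; listing [1] uses ou=group. -->
            <Property name="GroupSearchBase">ou=user,dc=ldap,dc=wso2,dc=org</Property>
            <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
            <Property name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
            <Property name="GroupNameAttribute">cn</Property>
            <Property name="SharedGroupNameAttribute">cn</Property>
            <Property name="SharedGroupSearchBase">ou=SharedGroups,dc=wso2,dc=org</Property>
            <Property name="SharedGroupNameListFilter">(objectClass=groupOfNames)</Property>
            <Property name="SharedTenantNameListFilter">(objectClass=organizationalUnit)</Property>
            <Property name="SharedTenantNameAttribute">ou</Property>
            <Property name="SharedTenantObjectClass">organizationalUnit</Property>
            <Property name="MembershipAttribute">member</Property>
            <Property name="UserRolesCacheEnabled">true</Property>
            <Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
            <Property name="MaxRoleNameListLength">100</Property>
            <!-- Second declaration of MaxUserNameListLength, kept as posted. -->
            <Property name="MaxUserNameListLength">100</Property>
            <Property name="SCIMEnabled">false</Property>
        </UserStoreManager>
        <AuthorizationManager class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
            <Property name="AdminRoleManagementPermissions">/permission</Property>
            <Property name="AuthorizationCacheEnabled">true</Property>
        </AuthorizationManager>
    </Realm>
</UserManager>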
[3]
<!-- Excerpt [3]: UserStoreManager properties the poster found in the 2.1.0-beta2 file
     but not in the 1.2.0-SNAPSHOT one. This is a fragment, not a complete document. -->
<Property name="DisplayNameAttribute"/>
<Property name="BackLinksEnabled">false</Property>
<!-- NOTE(review): the character class below contains no '@' (inside the brackets `_-|`
     is a range, not three literals), while both posted files set UserNameAttribute to
     mail. Confirm whether this pattern is enforced on login names. -->
<Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="PasswordJavaRegEx">^[\S]{5,30}$</Property>
<Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="MultiAttributeSeparator">,</Property>
<Property name="ConnectionPoolingEnabled">true</Property>
<Property name="LDAPConnectionTimeout">5000</Property>
<!-- Both timeouts-related entries below are left empty in the post. -->
<Property name="ReadTimeout"/>
<Property name="RetryAttempts"/>
[4]
<!-- Excerpt [4]: UserStoreManager properties the poster found in the 1.2.0-SNAPSHOT file
     but not in the 2.1.0-beta2 one. This is a fragment, not a complete document. -->
<Property name="ReadOnly">true</Property>
<Property name="Disabled">false</Property>
<!-- MaxUserNameListLength still appears once in listing [1]; the 1.2.0-SNAPSHOT file
     declares it twice, so only the duplicate entry is gone. -->
<Property name="MaxUserNameListLength">100</Property>
<!-- Shared group / shared tenant lookup settings. -->
<Property name="SharedGroupNameAttribute">cn</Property>
<Property name="SharedGroupSearchBase">ou=SharedGroups,dc=wso2,dc=org</Property>
<Property name="SharedGroupNameListFilter">(objectClass=groupOfNames)</Property>
<Property name="SharedTenantNameListFilter">(objectClass=organizationalUnit)</Property>
<Property name="SharedTenantNameAttribute">ou</Property>
<Property name="SharedTenantObjectClass">organizationalUnit</Property>
Thanks
--
Shakila Sivagnanarajah
Software Engineer
Mobile :+94 (0) 768 856837
[email protected]
WSO2, Inc.
lean . enterprise . middleware
http://www.wso2.com/