[Dev] API 2.1.0 + Identity Server 5.3.0

Thu, 25 May 2017 12:21:20 -0700 

Hello,

I'm trying to setup APIM 2.1.0 + Identity Server 5.3.0 on separate boxes, at 
this point I have all configurations in place with shared databases and I added 
a secondary User Store (Read-Only LDAP) on the Identity Server and I'm able to 
assign permissions, etc..

The problem I'm having is that when I try to login to the API Store using a 
user from the secondary user store I get the following error in the login 
screen:

"Error! Login failed. Insufficient Privileges."

APIM Logs:
-------------

[2017-05-25 14:49:52,812] ERROR - JDBCAuthorizationManager Error occurred while 
accessing Java Security Manager Privilege Block
[2017-05-25 14:49:52,812] ERROR - APIStoreHostObject Login failed. Insufficient 
Privileges.

IS Log:
-----------
[2017-05-25 14:49:52,498]  INFO 
{org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} -  
'DOMAIN/xxx@carbon.super [-1234]' logged in at [2017-05-25 14:49:52,497-0400]

So, it seems that the user is authenticated but something is happening.

Just to be clear, the user from the secondary user store has 
"Internal/subscriber" role which should be sufficient to login.

I also created a test user in the IS primary store and assigned 
"Internal/subscriber" role and that worked fine.


Any help or pointers is appreciated.

Thanks,
Javier Vazquez



If you wish to unsubscribe from receiving commercial electronic messages from 
TD Bank Group, please click here or go to the following web address: 
www.td.com/tdoptout
Si vous souhaitez vous désabonner des messages électroniques de nature 
commerciale envoyés par Groupe Banque TD veuillez cliquer ici ou vous rendre à 
l'adresse td.com/tddesab

NOTICE: Confidential message which may be privileged. Unauthorized 
use/disclosure prohibited. If received in error, please go to www.td.com/legal 
for instructions.
AVIS : Message confidentiel dont le contenu peut être privilégié. 
Utilisation/divulgation interdites sans permission. Si reçu par erreur, prière 
d'aller au www.td.com/francais/avis_juridique pour des instructions.

_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Reply via email to