Hello, I'm trying to setup APIM 2.1.0 + Identity Server 5.3.0 on separate boxes, at this point I have all configurations in place with shared databases and I added a secondary User Store (Read-Only LDAP) on the Identity Server and I'm able to assign permissions, etc..
The problem I'm having is that when I try to login to the API Store using a user from the secondary user store I get the following error in the login screen: "Error! Login failed. Insufficient Privileges." APIM Logs: ------------- [2017-05-25 14:49:52,812] ERROR - JDBCAuthorizationManager Error occurred while accessing Java Security Manager Privilege Block [2017-05-25 14:49:52,812] ERROR - APIStoreHostObject Login failed. Insufficient Privileges. IS Log: ----------- [2017-05-25 14:49:52,498] INFO {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - 'DOMAIN/xxx@carbon.super [-1234]' logged in at [2017-05-25 14:49:52,497-0400] So, it seems that the user is authenticated but something is happening. Just to be clear, the user from the secondary user store has "Internal/subscriber" role which should be sufficient to login. I also created a test user in the IS primary store and assigned "Internal/subscriber" role and that worked fine. Any help or pointers is appreciated. Thanks, Javier Vazquez If you wish to unsubscribe from receiving commercial electronic messages from TD Bank Group, please click here or go to the following web address: www.td.com/tdoptout Si vous souhaitez vous désabonner des messages électroniques de nature commerciale envoyés par Groupe Banque TD veuillez cliquer ici ou vous rendre à l'adresse td.com/tddesab NOTICE: Confidential message which may be privileged. Unauthorized use/disclosure prohibited. If received in error, please go to www.td.com/legal for instructions. AVIS : Message confidentiel dont le contenu peut être privilégié. Utilisation/divulgation interdites sans permission. Si reçu par erreur, prière d'aller au www.td.com/francais/avis_juridique pour des instructions.
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev