Re: [Dev] Issue while configuring LDAP for ES migration
Sorry mistyped the tag as 4.7.0. The correct tag is carbon-kernal (tag v4.4.7). On Tue, Aug 16, 2016 at 11:05 AM, Shakila Sivagnanarajahwrote: > Hi all, > > I tried the above mentioned configuration [1] in wso2esb-5.0.0-BETA. I am > able to login the carbon console using the specified admin user > credentials (internala...@wso2.com and the corresponding password). But > that configuration is not working for ES. > > I debugged the carbon-kernal (tag 4.7.0) and I share my findings here: > > The method authenticateInternal(userName, credential, domainProvided); throws > 'org.wso2.carbon.user.core.UserStoreException’ exception like > "InvalidOperationInvalid operation. User store is read only". > > Thank you. > > On Fri, Aug 12, 2016 at 6:34 PM, Shakila Sivagnanarajah > wrote: > >> Hi, >> >> I am working on ES migration to 2.1.0. The current store is >> wso2es-1.2.0-SNAPSHOT. >> I am unable to login with the wso2 OT credentials if I use following LDAP >> configuration [1]. By comparing the user-mgt.xml exist in >> wso2es-1.2.0-SNAPSHOT [2] and wso2es-2.1.0-beta2 [1], I found that there >> are some attributes are newly added [3] and some are removed [4]. >> >> wso2es-1.2.0-SNAPSHOT contains - org.wso2.carbon.user.core_4.3. >> 0.SNAPSHOT.jar >> wso2es-2.1.0-beta2 contains- org.wso2.carbon.user.core_4.4.7.jar >> >> Can anyone help me to fix this? >> >> [1] >> >> >> >> >> true >> admin >> >> internala...@wso2.com >> xxx >> >> everyone >> true >> jdbc/WSO2CarbonDB >> >> > class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager"> >> > name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager >> ldap://192.168.8.24:389 >> > name="ConnectionName">uid=internalapps.wso2.com,ou=user,dc=ldap,dc=wso2,dc=org >> xxx >> > name="UserSearchBase">ou=user,dc=ldap,dc=wso2,dc=org >> mail >> > name="UserNameSearchFilter">((objectClass=inetOrgPerson)(mail=?)) >> > name="UserNameListFilter">(objectClass=inetOrgPerson) >> >> true >> > name="GroupSearchBase">ou=group,dc=ldap,dc=wso2,dc=org >> cn >> > name="GroupNameSearchFilter">((objectClass=groupOfNames)(cn=?)) >> > name="GroupNameListFilter">(objectClass=groupOfNames) >> member >> false >> > name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$ >> ^[\S]{5,30}$ >> > name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$ >> false >> MD5 >> , >> 100 >> 100 >> true >> true >> 5000 >> >> >> > name="ReplaceEscapeCharactersAtUserLogin">true >> >> > class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager"> >> > name="AdminRoleManagementPermissions">/permission >> true >> false >> >> >> >> >> [2] >> >> >> >> >> true >> admin >> >> internala...@wso2.com >> xxx >> >> everyone >> jdbc/WSO2CarbonDB >> >> > class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager"> >> > name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager >> true >> false >> 100 >> > name="ConnectionURL">ldap://ldapmirror.wso2.org:389 >> > name="ConnectionName">uid=connectorstoreuser,ou=user,dc=ldap,dc=wso2,dc=org >> y >> MD5 >> > name="UserSearchBase">ou=user,dc=ldap,dc=wso2,dc=org >> > name="UserNameListFilter">(objectClass=inetOrgPerson) >> > name="UserNameSearchFilter">((objectClass=inetOrgPerson)(mail=?)) >> mail >> true >> > name="GroupSearchBase">ou=user,dc=ldap,dc=wso2,dc=org >> > name="GroupNameListFilter">(objectClass=groupOfNames) >> > name="GroupNameSearchFilter">((objectClass=groupOfNames)(cn=?)) >> cn >> cn >> > name="SharedGroupSearchBase">ou=SharedGroups,dc=wso2,dc=org >> > name="SharedGroupNameListFilter">(objectClass=groupOfNames) >> > name="SharedTenantNameListFilter">(objectClass=organizationalUnit) >> ou >> > name="SharedTenantObjectClass">organizationalUnit >> member >> true >> > name="ReplaceEscapeCharactersAtUserLogin">true >> 100 >> 100 >> false >> >> > >>
Re: [Dev] Issue while configuring LDAP for ES migration
Hi all, I tried the above mentioned configuration [1] in wso2esb-5.0.0-BETA. I am able to login the carbon console using the specified admin user credentials (internala...@wso2.com and the corresponding password). But that configuration is not working for ES. I debugged the carbon-kernal (tag 4.7.0) and I share my findings here: The method authenticateInternal(userName, credential, domainProvided); throws 'org.wso2.carbon.user.core.UserStoreException’ exception like "InvalidOperationInvalid operation. User store is read only". Thank you. On Fri, Aug 12, 2016 at 6:34 PM, Shakila Sivagnanarajahwrote: > Hi, > > I am working on ES migration to 2.1.0. The current store is > wso2es-1.2.0-SNAPSHOT. > I am unable to login with the wso2 OT credentials if I use following LDAP > configuration [1]. By comparing the user-mgt.xml exist in > wso2es-1.2.0-SNAPSHOT [2] and wso2es-2.1.0-beta2 [1], I found that there > are some attributes are newly added [3] and some are removed [4]. > > wso2es-1.2.0-SNAPSHOT contains - org.wso2.carbon.user.core_4.3. > 0.SNAPSHOT.jar > wso2es-2.1.0-beta2 contains- org.wso2.carbon.user.core_4.4.7.jar > > Can anyone help me to fix this? > > [1] > > > > > true > admin > > internala...@wso2.com > xxx > > everyone > true > jdbc/WSO2CarbonDB > > class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager"> > name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager > ldap://192.168.8.24:389 > name="ConnectionName">uid=internalapps.wso2.com,ou=user,dc=ldap,dc=wso2,dc=org > xxx > name="UserSearchBase">ou=user,dc=ldap,dc=wso2,dc=org > mail > name="UserNameSearchFilter">((objectClass=inetOrgPerson)(mail=?)) > name="UserNameListFilter">(objectClass=inetOrgPerson) > > true > name="GroupSearchBase">ou=group,dc=ldap,dc=wso2,dc=org > cn > name="GroupNameSearchFilter">((objectClass=groupOfNames)(cn=?)) > name="GroupNameListFilter">(objectClass=groupOfNames) > member > false > name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$ > ^[\S]{5,30}$ > name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$ > false > MD5 > , > 100 > 100 > true > true > 5000 > > > name="ReplaceEscapeCharactersAtUserLogin">true > > class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager"> > name="AdminRoleManagementPermissions">/permission > true > false > > > > > [2] > > > > > true > admin > > internala...@wso2.com > xxx > > everyone > jdbc/WSO2CarbonDB > > class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager"> > name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager > true > false > 100 > name="ConnectionURL">ldap://ldapmirror.wso2.org:389 > name="ConnectionName">uid=connectorstoreuser,ou=user,dc=ldap,dc=wso2,dc=org > y > MD5 > name="UserSearchBase">ou=user,dc=ldap,dc=wso2,dc=org > name="UserNameListFilter">(objectClass=inetOrgPerson) > name="UserNameSearchFilter">((objectClass=inetOrgPerson)(mail=?)) > mail > true > name="GroupSearchBase">ou=user,dc=ldap,dc=wso2,dc=org > name="GroupNameListFilter">(objectClass=groupOfNames) > name="GroupNameSearchFilter">((objectClass=groupOfNames)(cn=?)) > cn > cn > name="SharedGroupSearchBase">ou=SharedGroups,dc=wso2,dc=org > name="SharedGroupNameListFilter">(objectClass=groupOfNames) > name="SharedTenantNameListFilter">(objectClass=organizationalUnit) > ou > name="SharedTenantObjectClass">organizationalUnit > member > true > name="ReplaceEscapeCharactersAtUserLogin">true > 100 > 100 > false > > > class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager"> > name="AdminRoleManagementPermissions">/permission > true > > > > > [3] > > false > [a-zA-Z0-9._-|//]{3,30}$ Property> > ^[\S]{5,30}$ > [a-zA-Z0-9._-|//]{3,30}$ Property> >
[Dev] Issue while configuring LDAP for ES migration
Hi, I am working on ES migration to 2.1.0. The current store is wso2es-1.2.0-SNAPSHOT. I am unable to login with the wso2 OT credentials if I use following LDAP configuration [1]. By comparing the user-mgt.xml exist in wso2es-1.2.0-SNAPSHOT [2] and wso2es-2.1.0-beta2 [1], I found that there are some attributes are newly added [3] and some are removed [4]. wso2es-1.2.0-SNAPSHOT contains - org.wso2.carbon.user.core_4.3.0.SNAPSHOT.jar wso2es-2.1.0-beta2 contains- org.wso2.carbon.user.core_4.4.7.jar Can anyone help me to fix this? [1] true admin internala...@wso2.com xxx everyone true jdbc/WSO2CarbonDB org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager ldap://192.168.8.24:389 uid=internalapps.wso2.com,ou=user,dc=ldap,dc=wso2,dc=org xxx ou=user,dc=ldap,dc=wso2,dc=org mail ((objectClass=inetOrgPerson)(mail=?)) (objectClass=inetOrgPerson) true ou=group,dc=ldap,dc=wso2,dc=org cn ((objectClass=groupOfNames)(cn=?)) (objectClass=groupOfNames) member false [a-zA-Z0-9._-|//]{3,30}$ ^[\S]{5,30}$ [a-zA-Z0-9._-|//]{3,30}$ false MD5 , 100 100 true true 5000 true /permission true false [2] true admin internala...@wso2.com xxx everyone jdbc/WSO2CarbonDB org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager true false 100 ldap://ldapmirror.wso2.org:389 uid=connectorstoreuser,ou=user,dc=ldap,dc=wso2,dc=org y MD5 ou=user,dc=ldap,dc=wso2,dc=org (objectClass=inetOrgPerson) ((objectClass=inetOrgPerson)(mail=?)) mail true ou=user,dc=ldap,dc=wso2,dc=org (objectClass=groupOfNames) ((objectClass=groupOfNames)(cn=?)) cn cn ou=SharedGroups,dc=wso2,dc=org (objectClass=groupOfNames) (objectClass=organizationalUnit) ou organizationalUnit member true true 100 100 false /permission true [3] false [a-zA-Z0-9._-|//]{3,30}$ ^[\S]{5,30}$ [a-zA-Z0-9._-|//]{3,30}$ , true 5000 [4] true false 100 cn ou=SharedGroups,dc=wso2,dc=org (objectClass=groupOfNames) (objectClass=organizationalUnit) ou organizationalUnit Thanks -- Shakila Sivagnanarajah Software Engineer Mobile :+94 (0) 768 856837 shak...@wso2.com WSO2, Inc. lean . enterprise . middleware http://www.wso2.com/ ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev