gpt4 book ai didi

ldap - WSO2 身份服务器外部 LDAP 为 OID 身份人不存在抛出 OBJECT_CLASS

转载 作者:行者123 更新时间:2023-12-03 18:39:11 28 4
gpt4 key购买 nike

我使用的是 Identity Server 4.1.0,而且我还在 Apache Directory Studio 中运行 ApacheDS。所以我现在想要的是将我的 IS 连接到外部 LDAP。
IS 与 ldap 连接良好,只是因为缺少属性定义而引发错误。至少这是我对堆栈跟踪的解释。
我看到其他人也尝试过:
WSO2 external ldap not working
但我的错误是不同的。
我还看到在这个博客中如何很好地解释了如何使用 Directory Studio,但它似乎都在 IS 的嵌入式 LDAP 上运行:
http://www.soasecurity.org/2012/11/multiple-user-store-manager-feature.html

任何帮助表示赞赏!
提前致谢

最好的事物,
约翰内斯

这里的错误:

TID: [0] [IS] [2013-06-26 15:26:00,220] ERROR {org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager} - Can not access the directory context or user already exists in the system {org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager} javax.naming.NamingException: [LDAP: error code 80 - OTHER: failed for MessageType : ADD_REQUEST Message ID : 5 Add Request : Entry dn[n]: uid=admin,ou=Users,dc=wso2,dc=org objectClass: identityPerson uid: admin sn: admin userPassword: '0x7B 0x53 0x48 0x41 0x7D 0x30 0x44 0x50 0x69 0x4B 0x75 0x4E 0x49 0x72 0x72 0x56 ...' cn: admin ManageDsaITImpl Control Type OID : '2.16.840.1.113730.3.4.2' Criticality : 'false' ' : ERR_04269 OBJECT_CLASS for OID identityperson does not exist!]; remaining name 'uid=admin' at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3111) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820) at com.sun.jndi.ldap.LdapCtx.c_bind(LdapCtx.java:400) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_bind(ComponentDirContext.java:277) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.bind(PartialCompositeDirContext.java:197) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:242) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:211) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.addInitialData(ReadWriteLDAPUserStoreManager.java:1805) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.(ReadWriteLDAPUserStoreManager.java:142) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:513) at org.wso2.carbon.user.core.common.DefaultRealm.createObjectWithOptions(DefaultRealm.java:225) at org.wso2.carbon.user.core.common.DefaultRealm.initializeObjects(DefaultRealm.java:147) at org.wso2.carbon.user.core.common.DefaultRealm.init(DefaultRealm.java:113) at org.wso2.carbon.user.core.common.DefaultRealmService.initializeRealm(DefaultRealmService.java:223) at org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:103) at org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:116) at org.wso2.carbon.user.core.internal.Activator.startDeploy(Activator.java:67) at org.wso2.carbon.user.core.internal.BundleCheckActivator.start(BundleCheckActivator.java:61) at org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:711) at java.security.AccessController.doPrivileged(Native Method) at org.eclipse.osgi.framework.internal.core.BundleContextImpl.startActivator(BundleContextImpl.java:702) at org.eclipse.osgi.framework.internal.core.BundleContextImpl.start(BundleContextImpl.java:683) at org.eclipse.osgi.framework.internal.core.BundleHost.startWorker(BundleHost.java:381) at org.eclipse.osgi.framework.internal.core.AbstractBundle.resume(AbstractBundle.java:389) at org.eclipse.osgi.framework.internal.core.Framework.resumeBundle(Framework.java:1130) at org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:559) at org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:544) at org.eclipse.osgi.framework.internal.core.StartLevelManager.incFWSL(StartLevelManager.java:457) at org.eclipse.osgi.framework.internal.core.StartLevelManager.doSetStartLevel(StartLevelManager.java:243) at org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:438) at org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:1) at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230) at org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:340) TID: [0] [IS] [2013-06-26 15:26:00,223] ERROR {org.wso2.carbon.user.core.common.DefaultRealm} - Cannot create org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager {org.wso2.carbon.user.core.common.DefaultRealm} java.lang.reflect.InvocationTargetException at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:513) at org.wso2.carbon.user.core.common.DefaultRealm.createObjectWithOptions(DefaultRealm.java:225) at org.wso2.carbon.user.core.common.DefaultRealm.initializeObjects(DefaultRealm.java:147) at org.wso2.carbon.user.core.common.DefaultRealm.init(DefaultRealm.java:113) at org.wso2.carbon.user.core.common.DefaultRealmService.initializeRealm(DefaultRealmService.java:223) at org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:103) at org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:116) at org.wso2.carbon.user.core.internal.Activator.startDeploy(Activator.java:67) at org.wso2.carbon.user.core.internal.BundleCheckActivator.start(BundleCheckActivator.java:61) at org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:711) at java.security.AccessController.doPrivileged(Native Method) at org.eclipse.osgi.framework.internal.core.BundleContextImpl.startActivator(BundleContextImpl.java:702) at org.eclipse.osgi.framework.internal.core.BundleContextImpl.start(BundleContextImpl.java:683) at org.eclipse.osgi.framework.internal.core.BundleHost.startWorker(BundleHost.java:381) at org.eclipse.osgi.framework.internal.core.AbstractBundle.resume(AbstractBundle.java:389) at org.eclipse.osgi.framework.internal.core.Framework.resumeBundle(Framework.java:1130) at org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:559) at org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:544) at org.eclipse.osgi.framework.internal.core.StartLevelManager.incFWSL(StartLevelManager.java:457) at org.eclipse.osgi.framework.internal.core.StartLevelManager.doSetStartLevel(StartLevelManager.java:243) at org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:438) at org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:1) at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230) at org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:340) Caused by: org.wso2.carbon.user.core.UserStoreException: Can not access the directory context or user already exists in the system at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:251) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:211) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.addInitialData(ReadWriteLDAPUserStoreManager.java:1805) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.(ReadWriteLDAPUserStoreManager.java:142) ... 27 more Caused by: javax.naming.NamingException: [LDAP: error code 80 - OTHER: failed for MessageType : ADD_REQUEST Message ID : 5 Add Request : Entry dn[n]: uid=admin,ou=Users,dc=wso2,dc=org objectClass: identityPerson uid: admin sn: admin userPassword: '0x7B 0x53 0x48 0x41 0x7D 0x30 0x44 0x50 0x69 0x4B 0x75 0x4E 0x49 0x72 0x72 0x56 ...' cn: admin ManageDsaITImpl Control Type OID : '2.16.840.1.113730.3.4.2' Criticality : 'false' ' : ERR_04269 OBJECT_CLASS for OID identityperson does not exist!]; remaining name 'uid=admin' at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3111) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820) at com.sun.jndi.ldap.LdapCtx.c_bind(LdapCtx.java:400) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_bind(ComponentDirContext.java:277) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.bind(PartialCompositeDirContext.java:197) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:242) ... 30 more TID: [0] [IS] [2013-06-26 15:26:00,225] ERROR {org.wso2.carbon.user.core.common.DefaultRealmService} - Cannot initialize the realm. {org.wso2.carbon.user.core.common.DefaultRealmService} org.wso2.carbon.user.core.UserStoreException: nullType class java.lang.reflect.InvocationTargetException at org.wso2.carbon.user.core.common.DefaultRealm.createObjectWithOptions(DefaultRealm.java:266) at org.wso2.carbon.user.core.common.DefaultRealm.initializeObjects(DefaultRealm.java:147) at org.wso2.carbon.user.core.common.DefaultRealm.init(DefaultRealm.java:113) at org.wso2.carbon.user.core.common.DefaultRealmService.initializeRealm(DefaultRealmService.java:223) at org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:103) at org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:116) at org.wso2.carbon.user.core.internal.Activator.startDeploy(Activator.java:67) at org.wso2.carbon.user.core.internal.BundleCheckActivator.start(BundleCheckActivator.java:61) at org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:711) at java.security.AccessController.doPrivileged(Native Method) at org.eclipse.osgi.framework.internal.core.BundleContextImpl.startActivator(BundleContextImpl.java:702) at org.eclipse.osgi.framework.internal.core.BundleContextImpl.start(BundleContextImpl.java:683) at org.eclipse.osgi.framework.internal.core.BundleHost.startWorker(BundleHost.java:381) at org.eclipse.osgi.framework.internal.core.AbstractBundle.resume(AbstractBundle.java:389) at org.eclipse.osgi.framework.internal.core.Framework.resumeBundle(Framework.java:1130) at org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:559) at org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:544) at org.eclipse.osgi.framework.internal.core.StartLevelManager.incFWSL(StartLevelManager.java:457) at org.eclipse.osgi.framework.internal.core.StartLevelManager.doSetStartLevel(StartLevelManager.java:243) at org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:438) at org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:1) at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230) at org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:340) Caused by: java.lang.reflect.InvocationTargetException at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:513) at org.wso2.carbon.user.core.common.DefaultRealm.createObjectWithOptions(DefaultRealm.java:225) ... 22 more Caused by: org.wso2.carbon.user.core.UserStoreException: Can not access the directory context or user already exists in the system at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:251) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:211) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.addInitialData(ReadWriteLDAPUserStoreManager.java:1805) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.(ReadWriteLDAPUserStoreManager.java:142) ... 27 more Caused by: javax.naming.NamingException: [LDAP: error code 80 - OTHER: failed for MessageType : ADD_REQUEST Message ID : 5 Add Request : Entry dn[n]: uid=admin,ou=Users,dc=wso2,dc=org objectClass: identityPerson uid: admin sn: admin userPassword: '0x7B 0x53 0x48 0x41 0x7D 0x30 0x44 0x50 0x69 0x4B 0x75 0x4E 0x49 0x72 0x72 0x56 ...' cn: admin ManageDsaITImpl Control Type OID : '2.16.840.1.113730.3.4.2' Criticality : 'false' ' : ERR_04269 OBJECT_CLASS for OID identityperson does not exist!]; remaining name 'uid=admin' at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3111) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820) at com.sun.jndi.ldap.LdapCtx.c_bind(LdapCtx.java:400) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_bind(ComponentDirContext.java:277) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.bind(PartialCompositeDirContext.java:197) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:242) ... 30 more TID: [0] [IS] [2013-06-26 15:26:00,226] ERROR {org.wso2.carbon.user.core.internal.Activator} - Cannot start User Manager Core bundle {org.wso2.carbon.user.core.internal.Activator} org.wso2.carbon.user.core.UserStoreException: Cannot initialize the realm. at org.wso2.carbon.user.core.common.DefaultRealmService.initializeRealm(DefaultRealmService.java:227) at org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:103) at org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:116) at org.wso2.carbon.user.core.internal.Activator.startDeploy(Activator.java:67) at org.wso2.carbon.user.core.internal.BundleCheckActivator.start(BundleCheckActivator.java:61) at org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:711) at java.security.AccessController.doPrivileged(Native Method) at org.eclipse.osgi.framework.internal.core.BundleContextImpl.startActivator(BundleContextImpl.java:702) at org.eclipse.osgi.framework.internal.core.BundleContextImpl.start(BundleContextImpl.java:683) at org.eclipse.osgi.framework.internal.core.BundleHost.startWorker(BundleHost.java:381) at org.eclipse.osgi.framework.internal.core.AbstractBundle.resume(AbstractBundle.java:389) at org.eclipse.osgi.framework.internal.core.Framework.resumeBundle(Framework.java:1130) at org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:559) at org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:544) at org.eclipse.osgi.framework.internal.core.StartLevelManager.incFWSL(StartLevelManager.java:457) at org.eclipse.osgi.framework.internal.core.StartLevelManager.doSetStartLevel(StartLevelManager.java:243) at org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:438) at org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:1) at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230) at org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:340) Caused by: org.wso2.carbon.user.core.UserStoreException: nullType class java.lang.reflect.InvocationTargetException at org.wso2.carbon.user.core.common.DefaultRealm.createObjectWithOptions(DefaultRealm.java:266) at org.wso2.carbon.user.core.common.DefaultRealm.initializeObjects(DefaultRealm.java:147) at org.wso2.carbon.user.core.common.DefaultRealm.init(DefaultRealm.java:113) at org.wso2.carbon.user.core.common.DefaultRealmService.initializeRealm(DefaultRealmService.java:223) ... 19 more Caused by: java.lang.reflect.InvocationTargetException at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:513) at org.wso2.carbon.user.core.common.DefaultRealm.createObjectWithOptions(DefaultRealm.java:225) ... 22 more Caused by: org.wso2.carbon.user.core.UserStoreException: Can not access the directory context or user already exists in the system at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:251) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:211) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.addInitialData(ReadWriteLDAPUserStoreManager.java:1805) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.(ReadWriteLDAPUserStoreManager.java:142) ... 27 more Caused by: javax.naming.NamingException: [LDAP: error code 80 - OTHER: failed for MessageType : ADD_REQUEST Message ID : 5 Add Request : Entry dn[n]: uid=admin,ou=Users,dc=wso2,dc=org objectClass: identityPerson uid: admin sn: admin userPassword: '0x7B 0x53 0x48 0x41 0x7D 0x30 0x44 0x50 0x69 0x4B 0x75 0x4E 0x49 0x72 0x72 0x56 ...' cn: admin ManageDsaITImpl Control Type OID : '2.16.840.1.113730.3.4.2' Criticality : 'false' ' : ERR_04269 OBJECT_CLASS for OID identityperson does not exist!]; remaining name 'uid=admin' at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3111) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820) at com.sun.jndi.ldap.LdapCtx.c_bind(LdapCtx.java:400) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_bind(ComponentDirContext.java:277) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.bind(PartialCompositeDirContext.java:197) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:242) ... 30 more


<UserManager>
<Realm>
<Configuration>
<AdminRole>admin</AdminRole>
<AdminUser>
<UserName>admin</UserName>
<Password>admin</Password>
</AdminUser>
<EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in this role sees the registry root -->
<Property name="dataSource">jdbc/WSO2CarbonDB</Property>
<Property name="MultiTenantRealmConfigBuilder">org.wso2.carbon.user.core.config.multitenancy.CommonLDAPRealmConfigBuilder</Property>
</Configuration>

<UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
<!--Property name="defaultRealmName">EXAMPLE.COM</Property-->
<Property name="ConnectionURL">ldap://localhost:10389</Property>
<Property name="ConnectionName">uid=admin,ou=system</Property>
<Property name="ConnectionPassword">secret</Property>
<Property name="passwordHashMethod">PLAIN_TEXT</Property>
<Property name="UserNameListFilter">(objectClass=person)</Property>
<Property name="UserEntryObjectClass">inetOrgPerson</Property>
<Property name="UserSearchBase">ou=system</Property>
<!--Property name="UserSearchBase">ou=Users,dc=example,dc=com</Property-->
<Property name="UserNameSearchFilter">(&amp;(objectClass=person)(uid=?))</Property>
<Property name="UserNameAttribute">uid</Property>
<Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="UsernameJavaScriptRegEx">^[\\S]{3,30}$</Property>
<Property name="RolenameJavaScriptRegEx">^[\\S]{3,30}$</Property>
<Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="PasswordJavaScriptRegEx">^[\\S]{5,30}$</Property>
<Property name="ReadLDAPGroups">true</Property>
<Property name="WriteLDAPGroups">true</Property>
<Property name="EmptyRolesAllowed">false</Property>
<Property name="GroupSearchBase">ou=system</Property>
<!--Property name="GroupSearchBase">ou=Groups,dc=example,dc=com</Property-->
<Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
<Property name="GroupEntryObjectClass">groupOfNames</Property>
<Property name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
<Property name="GroupNameAttribute">cn</Property>
<Property name="MembershipAttribute">member</Property>
<Property name="UserRolesCacheEnabled">true</Property>
<!-- added by joe -->
<!--Property name="UserDNPattern">uid={0},ou=Users,dc=example,dc=com</Property-->
<Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
<Property name="maxFailedLoginAttempt">0</Property>
</UserStoreManager>

<AuthorizationManager
class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
<Property name="AdminRoleManagementPermissions">/permission</Property>
<Property name="AuthorizationCacheEnabled">true</Property>
</AuthorizationManager>
</Realm>

最佳答案

这是因为 WSO2 IS 使用一组自定义对象类来实现某些任务,例如 SCIM。由于您使用的是外部 LDAP,因此您可以更改 LDAP 的架构,也可以使用声明映射来映射这些属性。

由于您使用的是 ApacheDS,因此您可以使用 LDIF 来更改 LDAP 的架构。您可以在/repository/data/org.wso2.carbon.directory/schema/ou=schema 下找到 ldif 文件

如果您不想更改架构,简单的方法是更改​​声明。
例如,您收到一条错误消息,提示“帐户锁”不存在。这意味着正在尝试向 LDAP 中的属性插入一些值。属性名称是“帐户锁”。这由声明映射控制(IS 中的主页 > 配置 > 声明管理)。在那里您可以找到显示的声明方言集。

如果你研究这些方言,你会发现那里有一组声明。我以 accountlock 属性为例。
http://wso2.org/claims方言,您可以找到“帐户锁定”属性。您可以将该声明的值(映射属性)更改为您 LDAP 中的现有属性。这个现有的属性需要是一个字符串类型的属性。可以对每个缺失的属性重复此过程。

希望这可以帮助

关于ldap - WSO2 身份服务器外部 LDAP 为 OID 身份人不存在抛出 OBJECT_CLASS,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/17330883/

28 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com