I am new to WSO2 and I am using WSO2 Identity Server for authentication and authorization in my project. But I have a problem configuring ApacheDSUserStoreManager as an external LDAP user store manager in WSO2 Identity Server. Can anyone please tell me the right way to proceed? My configuration is as follows.

The configuration file is:

<UserStoreManager class="org.wso2.carbon.user.core.ldap.ApacheDSUserStoreManager">
    <Property name="defaultRealmName">sample.com</Property>
    <Property name="kdcEnabled">false</Property>
    <Property name="ConnectionURL">ldap://localhost:10389</Property> 
    <Property name="ConnectionName">uid=rpurimitla,ou=manage,dc=sample,dc=com</Property>
    <Property name="ConnectionPassword">sample</Property>
    <Property name="passwordHashMethod">SHA</Property>
    <Property name="UserSearchBase">ou=manage,dc=sample,dc=com</Property>
    <Property name="UserEntryObjectClass">inetOrgPerson</Property>
    <Property name="UserNameAttribute">uid</Property>
    <Property name="isADLDSRole">true</Property>
    <Property name="userAccountControl">512</Property>
    <Property name="UserNameListFilter">(objectClass=user)</Property>
    <Property name="UserNameSearchFilter">(&amp;(objectClass=user)(cn=?))</Property>
    <Property name="UsernameJavaRegEx">[a-zA-Z0-9._-]{3,30}$</Property>
    <Property name="UsernameJavaScriptRegEx">^[\\S]{3,30}$</Property>
    <Property name="PasswordJavaScriptRegEx">^[\\S]{5,30}$</Property>
    <Property name="RolenameJavaScriptRegEx">^[\\S]{3,30}$</Property>
    <Property name="RolenameJavaRegEx">[a-zA-Z0-9._-]{3,30}$</Property>
    <Property name="ReadLDAPGroups">true</Property>
    <Property name="WriteLDAPGroups">true</Property>
    <Property name="EmptyRolesAllowed">true</Property>
    <Property name="GroupSearchBase">ou=manage,dc=sample,dc=com</Property>
    <Property name="GroupEntryObjectClass">group</Property>
    <Property name="GroupNameAttribute">cn</Property>
    <Property name="MembershipAttribute">member</Property>
    <Property name="GroupNameListFilter">(objectcategory=group)</Property>
    <Property name="GroupNameSearchFilter">(&amp;(objectClass=group)(cn=?))</Property>
    <Property name="UserRolesCacheEnabled">true</Property>
    <Property name="Referral">follow</Property>
    <Property name="BackLinksEnabled">true</Property>
</UserStoreManager>

This is the error I am getting:

[2013-07-26 17:57:47,781] INFO {org.wso2.carbon.databridge.agent.thrift.AgentHolder} - Agent created !
[2013-07-26 17:57:47,859] INFO {org.wso2.carbon.databridge.agent.thrift.internal.AgentDS} - Successfully deployed Agent Client
[2013-07-26 17:57:48,000] INFO {org.wso2.carbon.identity.authenticator.iwa.ui.internal.Activator} - Integrated Windows Authenticator enabled in the system
[2013-07-26 17:57:48,234] INFO {org.wso2.carbon.ldap.server.DirectoryActivator} - Embedded LDAP is disabled.
[2013-07-26 17:57:49,781] ERROR {org.wso2.carbon.user.core.common.DefaultRealm} - Cannot create org.wso2.carbon.user.core.ldap.ApacheDSUserStoreManager
java.lang.ClassNotFoundException: org.wso2.carbon.user.core.ldap.ApacheDSUserStoreManager
    at org.eclipse.osgi.internal.loader.BundleLoader.findClassInternal(BundleLoader.java:513)
    at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:429)
    at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:417)
    at org.eclipse.osgi.internal.baseadaptor.DefaultClassLoader.loadClass(DefaultClassLoader.java:107)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:251)
    at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319)
    at java.lang.Class.forName0(Native Method)
    at java.lang.Class.forName(Class.java:169)
    at org.wso2.carbon.user.core.common.DefaultRealm.createObjectWithOptions(DefaultRealm.java:215)
    at org.wso2.carbon.user.core.common.DefaultRealm.initializeObjects(DefaultRealm.java:147)
    at org.wso2.carbon.user.core.common.DefaultRealm.init(DefaultRealm.java:113)
    at org.wso2.carbon.user.core.common.DefaultRealmService.initializeRealm(DefaultRealmService.java:223)
    at org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:103)
    at org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:116)
    at org.wso2.carbon.user.core.internal.Activator.startDeploy(Activator.java:67)
    at org.wso2.carbon.user.core.internal.BundleCheckActivator.start(BundleCheckActivator.java:61)
    at org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:711)
    at java.security.AccessController.doPrivileged(Native Method)

================================================================================

Community

1 Answer

If you are using IS 4.0.0 or a later version, the ApacheDSUserStoreManager class has been removed from those releases. You need to change your configuration according to your version.

You need to uncomment the section below in your user-mgt.xml and change the configuration accordingly.

  <!--UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
        <Property name="ConnectionURL">ldap://localhost:10389</Property>
        <Property name="ConnectionName">uid=admin,ou=system</Property>
        <Property name="ConnectionPassword">secret</Property>
        <Property name="passwordHashMethod">PLAIN_TEXT</Property>
        <Property name="UserNameListFilter">(objectClass=person)</Property>
        <Property name="UserEntryObjectClass">inetOrgPerson</Property>
        <Property name="UserSearchBase">ou=system</Property>
        <Property name="UserNameSearchFilter">(&amp;(objectClass=person)(uid=?))</Property>
        <Property name="UserNameAttribute">uid</Property>
        <Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
        <Property name="UsernameJavaScriptRegEx">^[\\S]{3,30}$</Property>
        <Property name="RolenameJavaScriptRegEx">^[\\S]{3,30}$</Property>
        <Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
        <Property name="PasswordJavaScriptRegEx">^[\\S]{5,30}$</Property>
        <Property name="ReadLDAPGroups">true</Property>
        <Property name="WriteLDAPGroups">true</Property>
        <Property name="EmptyRolesAllowed">false</Property>
        <Property name="GroupSearchBase">ou=system</Property>
        <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
        <Property name="GroupEntryObjectClass">groupOfNames</Property>
        <Property name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
        <Property name="GroupNameAttribute">cn</Property>
        <Property name="MembershipAttribute">member</Property>
        <Property name="UserRolesCacheEnabled">true</Property>
        <Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
        <Property name="maxFailedLoginAttempt">0</Property>
    </UserStoreManager-->

There is a related issue at the link below [1].

[1] WSO2 Identity Server external LDAP throws OBJECT_CLASS for OID identityperson does not exist

Hope this is helpful.

Community
Venura
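
A small lint for the migration the answer describes, added here as an example (not code from the original posts or from WSO2): it parses a `UserStoreManager` block and flags the removed class, a cleartext `ldap://` connection URL, and a search filter that binds `?` to a different attribute than the configured name attribute. The names `lint_user_store` and `NAME_FILTER_PAIRS`, the finding codes and the filter-consistency rule are assumptions of this example; the sample input is abridged from the question's configuration.

```python
import re
import xml.etree.ElementTree as ET

# Class the answer says was removed from IS 4.0.0 and later releases.
REMOVED_CLASSES = {"org.wso2.carbon.user.core.ldap.ApacheDSUserStoreManager"}

# Sample input: abridged from the question's configuration on this page.
QUESTION_CONFIG = """
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ApacheDSUserStoreManager">
    <Property name="ConnectionURL">ldap://localhost:10389</Property>
    <Property name="UserNameAttribute">uid</Property>
    <Property name="UserNameSearchFilter">(&amp;(objectClass=user)(cn=?))</Property>
    <Property name="GroupNameAttribute">cn</Property>
    <Property name="GroupNameSearchFilter">(&amp;(objectClass=group)(cn=?))</Property>
</UserStoreManager>
"""

# Assumed consistency rule: the "?" placeholder should sit on the name attribute.
NAME_FILTER_PAIRS = (("UserNameAttribute", "UserNameSearchFilter"),
                     ("GroupNameAttribute", "GroupNameSearchFilter"))

def lint_user_store(xml_text):
    """Return (code, message) findings for one UserStoreManager element."""
    root = ET.fromstring(xml_text)
    props = {p.get("name"): (p.text or "").strip() for p in root.iter("Property")}
    findings = []
    cls = root.get("class", "")
    if cls in REMOVED_CLASSES:
        findings.append(("REMOVED_CLASS", f"{cls} was removed in IS 4.0.0 and later"))
    url = props.get("ConnectionURL", "")
    if url.lower().startswith("ldap://"):
        findings.append(("CLEARTEXT_LDAP", f"simple bind over {url} is not encrypted"))
    for attr_key, filter_key in NAME_FILTER_PAIRS:
        attr, flt = props.get(attr_key), props.get(filter_key)
        if not attr or not flt:
            continue
        m = re.search(r"\(\s*([\w-]+)\s*=\s*\?\s*\)", flt)
        if m is None or m.group(1).lower() != attr.lower():
            findings.append(("FILTER_MISMATCH",
                             f"{filter_key} {flt} does not search on {attr_key} '{attr}'"))
    return findings

if __name__ == "__main__":
    for code, msg in lint_user_store(QUESTION_CONFIG):
        print(f"{code}: {msg}")
```

Run it against the active (uncommented) `UserStoreManager` element from user-mgt.xml; an empty result means none of the three checks fired, not that the store is otherwise correctly configured.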