Hi, According to what you have described the attribute value should be as follows.
<Property name="MembershipAttribute">member</Property> Please let us know if it doesn't work with this configuration. thanks, dimuthu 2011/3/22 Roberto Mier Escandón <[email protected]> > Hi Dimuthu: > n > Content for MembershipAttribute should be full qualified. I explain > I have a "username" user in > cn=username, ou=users, o=base > > and groups in > cn=certaingroup, ou=groups, o=base > > and every group has a "member" attribute for every one of its members. This > way, if "username" is part of "certaingroup" group, then the "certaingroup" > has a member attribute with this value: > > attribute: member > value: cn=username, ou=users, o=base > > Is this right or the value should be only > value: username > ? > > > > > El 22/03/2011 9:16, Dimuthu Leelarathne escribió: > > Hi, > > Please see my comments inline. > > 2011/3/22 Roberto Mier Escandón <[email protected]> > >> Hi >> I have a little problem. I configure wso2 governance registry to take >> users and roles from an external LDAP. Both them are listed into management >> console in "Users and Roles" option. I also configure UserStoreManager to >> set certain ldap attribute as "member" to establish a relationship between >> user and its roles (this relationship is valid). I can set permissions for >> any role. But these permissions are not taken into account by governance >> registry. On the other hand, if i create a new role and set same permissions >> to it, it works!!!. >> It seems as external role permissions were not taken into account and i >> was need to create an internal role instead. This seems not to be logic. >> Where i'm wrong?. Are external roles working properly in governance >> registry. >> > > I checked the same scenario on Greg 3.5.0 version and it works fine for me > when I tested with ApacheDS. One place that can go wrong is the relationship > between users and roles. Did you set the following property in user-mgt.xml > correctly? > > <Property name="MembershipAttribute">uniqueMember</Property> > > If you have set this property correctly, I would like to know your LDAP > flavour, so that we can investigate this problem more thoroughly. > > Thanks, > Dimuthu > > > >> I use 3.5.0 version >> >> Thank you. >> >> -- >> >> Roberto Mier Escandón. >> >> _______________________________________________ >> Carbon-dev mailing list >> [email protected] >> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> > > > > -- > > Roberto Mier Escandón. > >
_______________________________________________ Carbon-dev mailing list [email protected] http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
