Hi all,

Embedded apacheds LDAP is no longer shipped with products (except with IS). So can we please remove the ReadWriteLDAPUserStoreManager config for embedded-apacheds LDAP [1] (the first user store manager configuration found in user-mgt.xml) from user-mgt.xml?
This config is a bit misleading, and most of the time people misuse this as the user store manager configuration for an external read/write LDAP user store, which leads to many errors, including user adding errors. Since embedded LDAP in IS has a separate configuration, we can safely remove this configuration and avoid a lot of confusion. This concern is reported in [2].

[1]
<!-- Following is the default user store manager. This user store manager is based on embedded-apacheds LDAP.
     It reads/writes users and roles into the default apacheds LDAP user store.
     Descriptions about each of the following properties can be found in user management documentation of the respective product.
     In case if user core cache domain is needed to identify uniquely set property <Property name="UserCoreCacheIdentifier">domain</Property>
     Note: Do not comment within UserStoreManager tags. Cause, specific tag names are used as tokens when building configurations for products.
-->

<!--UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
    <Property name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
    <Property name="ConnectionURL">ldap://localhost:389</Property>
    <Property name="ConnectionName">cn=admin,dc=wso2,dc=com</Property>
    <Property name="ConnectionPassword">secret</Property>
    <Property name="Disabled">false</Property>
    <Property name="passwordHashMethod">SHA</Property>
    <Property name="UserNameListFilter">(objectClass=person)</Property>
    <Property name="UserEntryObjectClass">wso2Person</Property>
    <Property name="UserSearchBase">ou=Users,dc=wso2,dc=com</Property>
    <Property name="UserNameSearchFilter">(&(objectClass=person)(uid=?))</Property>
    <Property name="UserNameAttribute">uid</Property>
    <Property name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
    <Property name="UsernameJavaScriptRegEx">^[\S]{3,30}$</Property>
    <Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
    <Property name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
    <Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
    <Property name="ReadGroups">true</Property>
    <Property name="WriteGroups">true</Property>
    <Property name="EmptyRolesAllowed">true</Property>
    <Property name="GroupSearchBase">ou=Groups,dc=wso2,dc=com</Property>
    <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
    <Property name="GroupEntryObjectClass">groupOfNames</Property>
    <Property name="GroupNameSearchFilter">(&(objectClass=groupOfNames)(cn=?))</Property>
    <Property name="GroupNameAttribute">cn</Property>
    <Property name="SharedGroupNameAttribute">cn</Property>
    <Property name="SharedGroupSearchBase">ou=SharedGroups,dc=wso2,dc=com</Property>
    <Property name="SharedGroupEntryObjectClass">groupOfNames</Property>
    <Property name="SharedGroupNameListFilter">(objectClass=groupOfNames)</Property>
    <Property name="SharedGroupNameSearchFilter">(&(objectClass=groupOfNames)(cn=?))</Property>
    <Property name="SharedTenantNameListFilter">(objectClass=organizationalUnit)</Property>
    <Property name="SharedTenantNameAttribute">ou</Property>
    <Property name="SharedTenantObjectClass">organizationalUnit</Property>
    <Property name="MembershipAttribute">member</Property>
    <Property name="UserRolesCacheEnabled">true</Property>
    <Property name="UserDNPattern">uid={0},ou=Users,dc=wso2,dc=com</Property>
    <Property name="MaxRoleNameListLength">100</Property>
    <Property name="MaxUserNameListLength">100</Property>
    <Property name="SCIMEnabled">false</Property>
</UserStoreManager-->

[2] https://wso2.org/jira/browse/IDENTITY-1903

Regards,
/Pavithra

--
*Pavithra Madurangi*
Senior Software Engineer - QA.
WSO2 Inc.: http://wso2.com/
Mobile: +94777207357
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
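
Added example, not part of the original message and not WSO2 code: a Python check that parses a user-mgt.xml and reports which properties of an active ReadWriteLDAPUserStoreManager still hold the values from the embedded-apacheds block quoted in [1], which is the misuse the message describes. The sample file, the example.com names and the choice of which properties to compare are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

RW_LDAP = "org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager"

# Values copied from the embedded-apacheds block quoted in the message ([1]).
EMBEDDED_DEFAULTS = {
    "ConnectionName": "cn=admin,dc=wso2,dc=com",
    "ConnectionPassword": "secret",
    "UserEntryObjectClass": "wso2Person",
    "UserSearchBase": "ou=Users,dc=wso2,dc=com",
    "GroupSearchBase": "ou=Groups,dc=wso2,dc=com",
    "UserDNPattern": "uid={0},ou=Users,dc=wso2,dc=com",
}

def embedded_leftovers(xml_text):
    """Return one sorted list of leftover property names per active
    ReadWriteLDAPUserStoreManager. Commented-out managers are skipped
    because ElementTree drops XML comments while parsing."""
    root = ET.fromstring(xml_text)
    findings = []
    for usm in root.iter("UserStoreManager"):
        if usm.get("class") != RW_LDAP:
            continue
        props = {p.get("name"): (p.text or "").strip()
                 for p in usm.findall("Property")}
        findings.append(sorted(name for name, value in EMBEDDED_DEFAULTS.items()
                               if props.get(name) == value))
    return findings

# Constructed sample: embedded block left commented out, external LDAP block
# created by copying it and changing only the connection details.
SAMPLE = """<UserManager>
  <Realm>
    <!--UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
      <Property name="ConnectionPassword">secret</Property>
    </UserStoreManager-->
    <UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
      <Property name="ConnectionURL">ldaps://ldap.example.com:636</Property>
      <Property name="ConnectionName">uid=carbon,ou=system,dc=example,dc=com</Property>
      <Property name="ConnectionPassword">secret</Property>
      <Property name="UserEntryObjectClass">wso2Person</Property>
      <Property name="UserNameSearchFilter">(&amp;(objectClass=person)(uid=?))</Property>
    </UserStoreManager>
  </Realm>
</UserManager>"""

if __name__ == "__main__":
    for names in embedded_leftovers(SAMPLE):
        print("still at embedded defaults:", ", ".join(names) or "none")
```
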