Hi all,
Embedded apacheds LDAP is no longer shipped with products (except with IS).
So can we please remove ReadWriteLDAPUserStoreManager config for
embedded-apacheds LDAP [1] (the first user store manager configuration found
in user-mgt.xml) from user-mgt.xml.
This config is bit misleading and most of the time people misuse this as
the user store manager configuration for external read/write ldap user
store which leads to many errors including user adding errors. Since embedded
ldap in IS have separate configuration, we can safely remove
this configuration and avoid lot of confusion. This concern is reported in
[2]
[1] <!-- Following is the default user store manager. This user store
manager is based on embedded-apacheds LDAP. It reads/writes users and roles
into the default apacheds LDAP user store. Descriptions about each of
the following properties can be found in user management documentation of
the respective product. In case if user core cache domain is needed to
identify uniquely set property <Property
name="UserCoreCacheIdentifier">domain</Property>
Note: Do not comment within UserStoreManager tags. Cause, specific tag
names are used as tokens when building configurations for products. -->
<!--UserStoreManager
class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
<Property
name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
<Property name="ConnectionURL">ldap://localhost:389</Property>
<Property
name="ConnectionName">cn=admin,dc=wso2,dc=com</Property>
<Property name="ConnectionPassword">secret</Property>
<Property name="Disabled">false</Property>
<Property name="passwordHashMethod">SHA</Property>
<Property
name="UserNameListFilter">(objectClass=person)</Property>
<Property name="UserEntryObjectClass">wso2Person</Property>
<Property
name="UserSearchBase">ou=Users,dc=wso2,dc=com</Property>
<Property
name="UserNameSearchFilter">(&(objectClass=person)(uid=?))</Property>
<Property name="UserNameAttribute">uid</Property>
<Property name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
<Property name="UsernameJavaScriptRegEx">^[\S]{3,30}$</Property>
<Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
<Property
name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="ReadGroups">true</Property>
<Property name="WriteGroups">true</Property>
<Property name="EmptyRolesAllowed">true</Property>
<Property
name="GroupSearchBase">ou=Groups,dc=wso2,dc=com</Property>
<Property
name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
<Property name="GroupEntryObjectClass">groupOfNames</Property>
<Property
name="GroupNameSearchFilter">(&(objectClass=groupOfNames)(cn=?))</Property>
<Property name="GroupNameAttribute">cn</Property>
<Property name="SharedGroupNameAttribute">cn</Property>
<Property
name="SharedGroupSearchBase">ou=SharedGroups,dc=wso2,dc=com</Property>
<Property
name="SharedGroupEntryObjectClass">groupOfNames</Property>
<Property
name="SharedGroupNameListFilter">(objectClass=groupOfNames)</Property>
<Property
name="SharedGroupNameSearchFilter">(&(objectClass=groupOfNames)(cn=?))</Property>
<Property
name="SharedTenantNameListFilter">(objectClass=organizationalUnit)</Property>
<Property name="SharedTenantNameAttribute">ou</Property>
<Property
name="SharedTenantObjectClass">organizationalUnit</Property>
<Property name="MembershipAttribute">member</Property>
<Property name="UserRolesCacheEnabled">true</Property>
<Property
name="UserDNPattern">uid={0},ou=Users,dc=wso2,dc=com</Property>
<Property name="MaxRoleNameListLength">100</Property>
<Property name="MaxUserNameListLength">100</Property>
<Property name="SCIMEnabled">false</Property>
</UserStoreManager-->
[2] https://wso2.org/jira/browse/IDENTITY-1903
Regards,
/Pavithra
--
*Pavithra Madurangi*
Senior Software Engineer - QA.
WSO2 Inc.: http://wso2.com/
Mobile: +94777207357
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
