Re: [Dev] Difference in the ReadWriteLDAPUserStoreManager of Identity Server and API Manager

Shavantha Weerasinghe Wed, 25 May 2016 06:21:38 -0700

[+ sameera]


Hi Darshana
>
> Reported a jira https://wso2.org/jira/browse/CARBON-15917 for the issue
>
> regards,
>
> Shavantha Weerasinghe
> Senior Software Engineer QA
> WSO2, Inc.
> lean.enterprise.middleware.
> http://wso2.com
> http://wso2.org
> Tel : 94 11 214 5345
> Fax :94 11 2145300
>
>
> On Wed, May 25, 2016 at 6:06 PM, Darshana Gunawardana <[email protected]>
> wrote:
>
>> Specific tag, ISUserStoreManager used in product distribution level to
>> uncomment ldap userstore for necessary products. For others it may remain
>> that tag as (commented) ISUserStoreManager but it's better to have it as
>> <!--UserStoreManager
>> class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager"> for
>> other products rather having ISUserStoreManager tag.
>>
>> If you wanted to configure an external userstore manager, uncomment
>> ISUserStoreManager tag and rename it as follows,
>> <UserStoreManager
>> class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
>>
>> Thanks,
>>
>> On Wed, May 25, 2016 at 4:48 PM, Ushani Balasooriya <[email protected]>
>> wrote:
>>
>>> + Dev
>>>
>>> Hi,
>>>
>>> Can you please let us know whether this is an issue or done for a reason
>>> ( *<!--ISUserStoreManager class="org.wso2.carbon.user.**core.ldap.*
>>> *ReadWriteLDAPUserStoreManager"**>)?*
>>>
>>> I see the same in ESB 5.0 Beta user-mgt.xml as well. In previous APIM
>>> releases, (before APIM 1.9.1) it was,
>>> *<!--UserStoreManager
>>> class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">*
>>>
>>> If anyone wants to point it to a external ReadWriteLDAPUserStoreManager,
>>> how can we achieve this?
>>>
>>> Please advice.
>>>
>>> Thanks
>>>
>>> On Fri, May 13, 2016 at 8:17 AM, Shavantha Weerasinghe <
>>> [email protected]> wrote:
>>>
>>>> Hi All
>>>>
>>>> Within the user-mgt.xml of the API Manager2 and API Manager 1.10 the
>>>> ReadWriteLDAPUserStoreManager  goes as ISUserStoreManager. However, on IS
>>>> products of 5.1.0 and 5.2.0 the same goes as <UserStoreManager  whats the
>>>> difference
>>>>
>>>> API Manager
>>>>
>>>>  <!--ISUserStoreManager
>>>> class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
>>>>             <Property
>>>> name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
>>>>             <Property
>>>> name="ConnectionURL">ldap://localhost:${Ports.EmbeddedLDAP.LDAPServerPort}</Property>
>>>>             <Property
>>>> name="ConnectionName">uid=admin,ou=system</Property>
>>>>             <Property name="ConnectionPassword">admin</Property>
>>>>             <Property
>>>> name="UserSearchBase">ou=Users,dc=wso2,dc=org</Property>
>>>>             <Property
>>>> name="UserEntryObjectClass">identityPerson</Property>
>>>>             <Property name="UserNameAttribute">uid</Property>
>>>>             <Property
>>>> name="UserNameSearchFilter">(&amp;(objectClass=person)(uid=?))</Property>
>>>>             <Property
>>>> name="UserNameListFilter">(objectClass=person)</Property>
>>>>             <Property name="DisplayNameAttribute"/>
>>>>             <Property name="ReadGroups">true</Property>
>>>>             <Property name="WriteGroups">true</Property>
>>>>             <Property
>>>> name="GroupSearchBase">ou=Groups,dc=wso2,dc=org</Property>
>>>>             <Property
>>>> name="GroupEntryObjectClass">groupOfNames</Property>
>>>>             <Property name="GroupNameAttribute">cn</Property>
>>>>             <Property
>>>> name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
>>>>             <Property
>>>> name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
>>>>             <Property name="MembershipAttribute">member</Property>
>>>>             <Property name="BackLinksEnabled">false</Property>
>>>>             <Property
>>>> name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
>>>>             <Property
>>>> name="UsernameJavaScriptRegEx">^[\S]{3,30}$</Property>
>>>>             <Property
>>>> name="UsernameJavaRegExViolationErrorMsg">Username pattern policy
>>>> violated</Property>
>>>>             <Property name="PasswordJavaRegEx">^[\S]{5,30}$</Property>
>>>>             <Property
>>>> name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
>>>>             <Property
>>>> name="PasswordJavaRegExViolationErrorMsg">Password length should be within
>>>> 5 to 30 characters</Property>
>>>>             <Property
>>>> name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
>>>>             <Property
>>>> name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
>>>>             <Property name="SCIMEnabled">true</Property>
>>>>             <Property name="IsBulkImportSupported">true</Property>
>>>>             <Property name="EmptyRolesAllowed">true</Property>
>>>>             <Property name="PasswordHashMethod">PLAIN_TEXT</Property>
>>>>             <Property name="MultiAttributeSeparator">,</Property>
>>>>             <Property name="MaxUserNameListLength">100</Property>
>>>>             <Property name="MaxRoleNameListLength">100</Property>
>>>>             <Property name="kdcEnabled">false</Property>
>>>>             <Property name="defaultRealmName">WSO2.ORG</Property>
>>>>             <Property name="UserRolesCacheEnabled">true</Property>
>>>>             <Property name="ConnectionPoolingEnabled">false</Property>
>>>>             <Property name="LDAPConnectionTimeout">5000</Property>
>>>>             <Property name="ReadTimeout"/>
>>>>             <Property name="RetryAttempts"/>
>>>>         </ISUserStoreManager-->
>>>>
>>>>
>>>> Latest identity server
>>>>
>>>>   <UserStoreManager
>>>> class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
>>>>             <Property
>>>> name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
>>>>             <Property
>>>> name="ConnectionURL">ldap://localhost:${Ports.EmbeddedLDAP.LDAPServerPort}</Property>
>>>>             <Property
>>>> name="ConnectionName">uid=admin,ou=system</Property>
>>>>             <Property name="ConnectionPassword">admin</Property>
>>>>             <Property
>>>> name="UserSearchBase">ou=Users,dc=wso2,dc=org</Property>
>>>>             <Property
>>>> name="UserEntryObjectClass">identityPerson</Property>
>>>>             <Property name="UserNameAttribute">uid</Property>
>>>>             <Property
>>>> name="UserNameSearchFilter">(&amp;(objectClass=person)(uid=?))</Property>
>>>>             <Property
>>>> name="UserNameListFilter">(objectClass=person)</Property>
>>>>             <Property name="DisplayNameAttribute"/>
>>>>             <Property name="ReadGroups">true</Property>
>>>>             <Property name="WriteGroups">true</Property>
>>>>             <Property
>>>> name="GroupSearchBase">ou=Groups,dc=wso2,dc=org</Property>
>>>>             <Property
>>>> name="GroupEntryObjectClass">groupOfNames</Property>
>>>>             <Property name="GroupNameAttribute">cn</Property>
>>>>             <Property
>>>> name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
>>>>             <Property
>>>> name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
>>>>             <Property name="MembershipAttribute">member</Property>
>>>>             <Property name="BackLinksEnabled">false</Property>
>>>>             <Property
>>>> name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
>>>>             <Property
>>>> name="UsernameJavaScriptRegEx">^[\S]{3,30}$</Property>
>>>>             <Property
>>>> name="UsernameJavaRegExViolationErrorMsg">Username pattern policy
>>>> violated</Property>
>>>>             <Property name="PasswordJavaRegEx">^[\S]{5,30}$</Property>
>>>>             <Property
>>>> name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
>>>>             <Property
>>>> name="PasswordJavaRegExViolationErrorMsg">Password length should be within
>>>> 5 to 30 characters</Property>
>>>>             <Property
>>>> name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
>>>>             <Property
>>>> name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
>>>>             <Property name="SCIMEnabled">true</Property>
>>>>             <Property name="IsBulkImportSupported">false</Property>
>>>>             <Property name="EmptyRolesAllowed">true</Property>
>>>>             <Property name="PasswordHashMethod">PLAIN_TEXT</Property>
>>>>             <Property name="MultiAttributeSeparator">,</Property>
>>>>             <Property name="MaxUserNameListLength">100</Property>
>>>>             <Property name="MaxRoleNameListLength">100</Property>
>>>>             <Property name="kdcEnabled">false</Property>
>>>>             <Property name="defaultRealmName">WSO2.ORG</Property>
>>>>             <Property name="UserRolesCacheEnabled">true</Property>
>>>>             <Property name="ConnectionPoolingEnabled">false</Property>
>>>>             <Property name="LDAPConnectionTimeout">5000</Property>
>>>>             <Property name="ReadTimeout"/>
>>>>             <Property name="RetryAttempts"/>
>>>>         </UserStoreManager>
>>>>
>>>>
>>>> regards,
>>>> Shavantha Weerasinghe
>>>> Senior Software Engineer QA
>>>> WSO2, Inc.
>>>> lean.enterprise.middleware.
>>>> http://wso2.com
>>>> http://wso2.org
>>>> Tel : 94 11 214 5345
>>>> Fax :94 11 2145300
>>>>
>>>>
>>>
>>>
>>> --
>>> *Ushani Balasooriya*
>>> Senior Software Engineer - QA;
>>> WSO2 Inc; http://www.wso2.com/.
>>>
>>>
>>>
>>
>>
>> --
>> Regards,
>>
>>
>> *Darshana Gunawardana*Senior Software Engineer
>> WSO2 Inc.; http://wso2.com
>>
>> *E-mail: [email protected] <[email protected]>*
>> *Mobile: +94718566859 <%2B94718566859>*Lean . Enterprise . Middleware
>>
>
>

_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Difference in the ReadWriteLDAPUserStoreManager of Identity Server and API Manager

Reply via email to