Re: [Dev] AD as primary user store (Read only configuration)
On Tue, Jul 1, 2014 at 11:56 AM, Pavithra Madurangi pavit...@wso2.com wrote: As per the documentation [1], it's possible to use org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager for both read-only and read/write operations. So I used the configuration found at [2] (configuration for AD) and still I was able to add users to AD. Please note that following property is not there in the provided configuration Property name=ReadOnlytrue/Property Then I added that property to user-mgt.xml and started the server again. Still I can add uses to AD (which is wrong since I need read only user store) What I need to get clarified is.. 1) IMO the information in documentation is not correct.. or am I missing something? @Samuel: Can you please correct the docs. AD should only be used for read-write. Clearly mention that if AD is to be used as read-only we need to use ReadOnlyLDAPUserStoreManager. 2) Can we make the ActiveDirectoryUserStoreManager read - only by adding following property ? Property name=ReadOnlytrue/Property 3) If above configuration is not correct, what is the recommended/correct user store manager if we need to configure read only AD as primary user store? We use ReadOnlyLDAPUserStoreManager and it works fine.. Is it the right way of configuring user store? Yes. This is the right way of using it. [1] https://docs.wso2.com/display/IS500/Configuring+Primary+User+Stores [2] https://docs.wso2.com/display/IS500/Configuring+Primary+User+Stores#ConfiguringPrimaryUserStores-Read-onlymode Regards, Pavithra -- *Pavithra Madurangi* Associate Technical Lead - QA. WSO2 Inc.: http://wso2.com/ Mobile: +94777207357 ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks Regards, *Johann Dilantha Nallathamby* Associate Technical Lead Product Lead of WSO2 Identity Server Integration Technologies Team WSO2, Inc. lean.enterprise.middleware Mobile - *+9476950* Blog - *http://nallaa.wordpress.com http://nallaa.wordpress.com* ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] AD as primary user store (Read only configuration)
Hi Johann and Pavithra, Thanks for reporting this. I'll work on this and make the changes. Thanks, Sam *Samuel Gnaniah* Senior Technical Writer WSO2 (pvt.) Ltd. Colombo, Sri Lanka (+94) 773131798 On Mon, Jul 7, 2014 at 8:46 PM, Johann Nallathamby joh...@wso2.com wrote: On Tue, Jul 1, 2014 at 11:56 AM, Pavithra Madurangi pavit...@wso2.com wrote: As per the documentation [1], it's possible to use org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager for both read-only and read/write operations. So I used the configuration found at [2] (configuration for AD) and still I was able to add users to AD. Please note that following property is not there in the provided configuration Property name=ReadOnlytrue/Property Then I added that property to user-mgt.xml and started the server again. Still I can add uses to AD (which is wrong since I need read only user store) What I need to get clarified is.. 1) IMO the information in documentation is not correct.. or am I missing something? @Samuel: Can you please correct the docs. AD should only be used for read-write. Clearly mention that if AD is to be used as read-only we need to use ReadOnlyLDAPUserStoreManager. 2) Can we make the ActiveDirectoryUserStoreManager read - only by adding following property ? Property name=ReadOnlytrue/Property 3) If above configuration is not correct, what is the recommended/correct user store manager if we need to configure read only AD as primary user store? We use ReadOnlyLDAPUserStoreManager and it works fine.. Is it the right way of configuring user store? Yes. This is the right way of using it. [1] https://docs.wso2.com/display/IS500/Configuring+Primary+User+Stores [2] https://docs.wso2.com/display/IS500/Configuring+Primary+User+Stores#ConfiguringPrimaryUserStores-Read-onlymode Regards, Pavithra -- *Pavithra Madurangi* Associate Technical Lead - QA. WSO2 Inc.: http://wso2.com/ Mobile: +94777207357 ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks Regards, *Johann Dilantha Nallathamby* Associate Technical Lead Product Lead of WSO2 Identity Server Integration Technologies Team WSO2, Inc. lean.enterprise.middleware Mobile - *+9476950* Blog - *http://nallaa.wordpress.com http://nallaa.wordpress.com* ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] AD as primary user store (Read only configuration)
Hi Tania, AFAIK all product pages already pull this content from the shared location so the fix would be applied anyway. Thanks, Sam *Samuel Gnaniah* Senior Technical Writer WSO2 (pvt.) Ltd. Colombo, Sri Lanka (+94) 773131798 On Tue, Jul 8, 2014 at 9:12 AM, Tania Mahanama ta...@wso2.com wrote: Hi Sam, I guess this is relevant for other products that have this page as well. Please let us know once you have made the changes. Thanks, Tania On Mon, Jul 7, 2014 at 9:46 PM, Samuel Gnaniah sam...@wso2.com wrote: Hi Johann and Pavithra, Thanks for reporting this. I'll work on this and make the changes. Thanks, Sam *Samuel Gnaniah* Senior Technical Writer WSO2 (pvt.) Ltd. Colombo, Sri Lanka (+94) 773131798 On Mon, Jul 7, 2014 at 8:46 PM, Johann Nallathamby joh...@wso2.com wrote: On Tue, Jul 1, 2014 at 11:56 AM, Pavithra Madurangi pavit...@wso2.com wrote: As per the documentation [1], it's possible to use org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager for both read-only and read/write operations. So I used the configuration found at [2] (configuration for AD) and still I was able to add users to AD. Please note that following property is not there in the provided configuration Property name=ReadOnlytrue/Property Then I added that property to user-mgt.xml and started the server again. Still I can add uses to AD (which is wrong since I need read only user store) What I need to get clarified is.. 1) IMO the information in documentation is not correct.. or am I missing something? @Samuel: Can you please correct the docs. AD should only be used for read-write. Clearly mention that if AD is to be used as read-only we need to use ReadOnlyLDAPUserStoreManager. 2) Can we make the ActiveDirectoryUserStoreManager read - only by adding following property ? Property name=ReadOnlytrue/Property 3) If above configuration is not correct, what is the recommended/correct user store manager if we need to configure read only AD as primary user store? We use ReadOnlyLDAPUserStoreManager and it works fine.. Is it the right way of configuring user store? Yes. This is the right way of using it. [1] https://docs.wso2.com/display/IS500/Configuring+Primary+User+Stores [2] https://docs.wso2.com/display/IS500/Configuring+Primary+User+Stores#ConfiguringPrimaryUserStores-Read-onlymode Regards, Pavithra -- *Pavithra Madurangi* Associate Technical Lead - QA. WSO2 Inc.: http://wso2.com/ Mobile: +94777207357 ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks Regards, *Johann Dilantha Nallathamby* Associate Technical Lead Product Lead of WSO2 Identity Server Integration Technologies Team WSO2, Inc. lean.enterprise.middleware Mobile - *+9476950* Blog - *http://nallaa.wordpress.com http://nallaa.wordpress.com* ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Tania Mahanama Senior Technical Writer Contact: Mob: +94 077 5129270 ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] AD as primary user store (Read only configuration)
Oh, sorry. I just checked the IS and MB pages and they were not pulled from the shared content. Will fix MB. Thanks! Tania On Tue, Jul 8, 2014 at 9:15 AM, Samuel Gnaniah sam...@wso2.com wrote: Hi Tania, AFAIK all product pages already pull this content from the shared location so the fix would be applied anyway. Thanks, Sam *Samuel Gnaniah* Senior Technical Writer WSO2 (pvt.) Ltd. Colombo, Sri Lanka (+94) 773131798 On Tue, Jul 8, 2014 at 9:12 AM, Tania Mahanama ta...@wso2.com wrote: Hi Sam, I guess this is relevant for other products that have this page as well. Please let us know once you have made the changes. Thanks, Tania On Mon, Jul 7, 2014 at 9:46 PM, Samuel Gnaniah sam...@wso2.com wrote: Hi Johann and Pavithra, Thanks for reporting this. I'll work on this and make the changes. Thanks, Sam *Samuel Gnaniah* Senior Technical Writer WSO2 (pvt.) Ltd. Colombo, Sri Lanka (+94) 773131798 On Mon, Jul 7, 2014 at 8:46 PM, Johann Nallathamby joh...@wso2.com wrote: On Tue, Jul 1, 2014 at 11:56 AM, Pavithra Madurangi pavit...@wso2.com wrote: As per the documentation [1], it's possible to use org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager for both read-only and read/write operations. So I used the configuration found at [2] (configuration for AD) and still I was able to add users to AD. Please note that following property is not there in the provided configuration Property name=ReadOnlytrue/Property Then I added that property to user-mgt.xml and started the server again. Still I can add uses to AD (which is wrong since I need read only user store) What I need to get clarified is.. 1) IMO the information in documentation is not correct.. or am I missing something? @Samuel: Can you please correct the docs. AD should only be used for read-write. Clearly mention that if AD is to be used as read-only we need to use ReadOnlyLDAPUserStoreManager. 2) Can we make the ActiveDirectoryUserStoreManager read - only by adding following property ? Property name=ReadOnlytrue/Property 3) If above configuration is not correct, what is the recommended/correct user store manager if we need to configure read only AD as primary user store? We use ReadOnlyLDAPUserStoreManager and it works fine.. Is it the right way of configuring user store? Yes. This is the right way of using it. [1] https://docs.wso2.com/display/IS500/Configuring+Primary+User+Stores [2] https://docs.wso2.com/display/IS500/Configuring+Primary+User+Stores#ConfiguringPrimaryUserStores-Read-onlymode Regards, Pavithra -- *Pavithra Madurangi* Associate Technical Lead - QA. WSO2 Inc.: http://wso2.com/ Mobile: +94777207357 ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks Regards, *Johann Dilantha Nallathamby* Associate Technical Lead Product Lead of WSO2 Identity Server Integration Technologies Team WSO2, Inc. lean.enterprise.middleware Mobile - *+9476950* Blog - *http://nallaa.wordpress.com http://nallaa.wordpress.com* ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Tania Mahanama Senior Technical Writer Contact: Mob: +94 077 5129270 -- Tania Mahanama Senior Technical Writer Contact: Mob: +94 077 5129270 ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] AD as primary user store (Read only configuration)
Yeah, IS docs are an exception since I prefer to have an extra link in there. For other docs it isn't necessary since they anyway have a link to that topic at the bottom in addition to the page-include macro (see [1] for an example). [1] - http://docs.wso2.com/display/AS521/Configuring+Primary+User+Stores Cheers, Sam *Samuel Gnaniah* Senior Technical Writer WSO2 (pvt.) Ltd. Colombo, Sri Lanka (+94) 773131798 On Tue, Jul 8, 2014 at 9:15 AM, Samuel Gnaniah sam...@wso2.com wrote: Hi Tania, AFAIK all product pages already pull this content from the shared location so the fix would be applied anyway. Thanks, Sam *Samuel Gnaniah* Senior Technical Writer WSO2 (pvt.) Ltd. Colombo, Sri Lanka (+94) 773131798 On Tue, Jul 8, 2014 at 9:12 AM, Tania Mahanama ta...@wso2.com wrote: Hi Sam, I guess this is relevant for other products that have this page as well. Please let us know once you have made the changes. Thanks, Tania On Mon, Jul 7, 2014 at 9:46 PM, Samuel Gnaniah sam...@wso2.com wrote: Hi Johann and Pavithra, Thanks for reporting this. I'll work on this and make the changes. Thanks, Sam *Samuel Gnaniah* Senior Technical Writer WSO2 (pvt.) Ltd. Colombo, Sri Lanka (+94) 773131798 On Mon, Jul 7, 2014 at 8:46 PM, Johann Nallathamby joh...@wso2.com wrote: On Tue, Jul 1, 2014 at 11:56 AM, Pavithra Madurangi pavit...@wso2.com wrote: As per the documentation [1], it's possible to use org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager for both read-only and read/write operations. So I used the configuration found at [2] (configuration for AD) and still I was able to add users to AD. Please note that following property is not there in the provided configuration Property name=ReadOnlytrue/Property Then I added that property to user-mgt.xml and started the server again. Still I can add uses to AD (which is wrong since I need read only user store) What I need to get clarified is.. 1) IMO the information in documentation is not correct.. or am I missing something? @Samuel: Can you please correct the docs. AD should only be used for read-write. Clearly mention that if AD is to be used as read-only we need to use ReadOnlyLDAPUserStoreManager. 2) Can we make the ActiveDirectoryUserStoreManager read - only by adding following property ? Property name=ReadOnlytrue/Property 3) If above configuration is not correct, what is the recommended/correct user store manager if we need to configure read only AD as primary user store? We use ReadOnlyLDAPUserStoreManager and it works fine.. Is it the right way of configuring user store? Yes. This is the right way of using it. [1] https://docs.wso2.com/display/IS500/Configuring+Primary+User+Stores [2] https://docs.wso2.com/display/IS500/Configuring+Primary+User+Stores#ConfiguringPrimaryUserStores-Read-onlymode Regards, Pavithra -- *Pavithra Madurangi* Associate Technical Lead - QA. WSO2 Inc.: http://wso2.com/ Mobile: +94777207357 ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks Regards, *Johann Dilantha Nallathamby* Associate Technical Lead Product Lead of WSO2 Identity Server Integration Technologies Team WSO2, Inc. lean.enterprise.middleware Mobile - *+9476950* Blog - *http://nallaa.wordpress.com http://nallaa.wordpress.com* ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Tania Mahanama Senior Technical Writer Contact: Mob: +94 077 5129270 ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] AD as primary user store (Read only configuration)
As per the documentation [1], it's possible to use org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager for both read-only and read/write operations. So I used the configuration found at [2] (configuration for AD) and still I was able to add users to AD. Please note that following property is not there in the provided configuration Property name=ReadOnlytrue/Property Then I added that property to user-mgt.xml and started the server again. Still I can add uses to AD (which is wrong since I need read only user store) What I need to get clarified is.. 1) IMO the information in documentation is not correct.. or am I missing something? 2) Can we make the ActiveDirectoryUserStoreManager read - only by adding following property ? Property name=ReadOnlytrue/Property 3) If above configuration is not correct, what is the recommended/correct user store manager if we need to configure read only AD as primary user store? We use ReadOnlyLDAPUserStoreManager and it works fine.. Is it the right way of configuring user store? [1] https://docs.wso2.com/display/IS500/Configuring+Primary+User+Stores [2] https://docs.wso2.com/display/IS500/Configuring+Primary+User+Stores#ConfiguringPrimaryUserStores-Read-onlymode Regards, Pavithra -- *Pavithra Madurangi* Associate Technical Lead - QA. WSO2 Inc.: http://wso2.com/ Mobile: +94777207357 ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev