WSO2 Intergrator 6.6.0 活动目录登录
[英]WSO2 Intergrator 6.6.0 active directory login
问题描述
My environment : Centos 7.8 server , installed via yum : wso2is-5.10.0-1.el7.x86_64 , wso2ei-6.6.0-1.el7.x86_64 I want to configure authentication through my Active Directory , I read "Configuring Secondary User Stores" and "Configuring a Read-Write Active Directory User Store" , I want to do this way, so I added a "User Stores" in Home --> Configure --> User Stores
我的环境:Centos 7.8 服务器,通过 yum 安装:wso2is-5.10.0-1.el7.x86_64,wso2ei-6.6.0-1.el7.x86_64 我想通过我的 Active Directory 配置身份验证,我阅读了“配置二级用户” Stores”和“Configuring a Read-Write Active Directory User Store”,我想这样做,所以我在Home --> Configure --> User Stores中添加了一个“User Stores”
Then I restart wso2ei-6.6.0-integrator and wso2is-5.10.0 services .
然后我重新启动 wso2ei-6.6.0-integrator 和 wso2is-5.10.0 services 。 I can see my AD users in Home --> Users我可以在 Home --> Users 中看到我的 AD 用户 But when I try to view user profile I get error "System Error Occurred" , "Error while loading user profile metadata" wso2error.log
但是当我尝试查看用户配置文件时,我收到错误“发生系统错误”、“加载用户配置文件元数据时出错”wso2error.log
TID: [-1234] [2020-10-07 11:18:21,148] ERROR {org.wso2.carbon.identity.user.profile.ui.client.UserProfileCient} - org.wso2.carbon.identity.user.profile.stub.UserProfileMgtServiceUserProfileExceptionException: UserProfileMgtServiceUserProfileExceptionException
I still can login at "https://esb.mydomain.com:9443/carbon/" with username/pass admin/admin , but I can't login with my AD user "mydomain.com/jack.chuong" , I get these errors : wso2carbon.log我仍然可以使用 username/pass admin/admin 在 "https://esb.mydomain.com:9443/carbon/" 登录,但我无法使用我的 AD 用户 "mydomain.com/jack.chuong" 登录,我得到这些错误:wso2carbon.log
TID: [-1234] [] [2020-10-07 11:23:16,821] WARN {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - Login failed. Unauthorized login attempt 'mydomain.com/jack.chuong[-1234]' at [2020-10-07 11:23:16,821+0700]
wso2error.log wso2error.log
TID: [-1234] [2020-10-07 11:21:02,404] WARN {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - Login failed. Unauthorized login attempt 'mydomain.com/jack.chuong[-1234]' at [2020-10-07 11:21:02,404+0700]
audit.log审计日志
TID: [-1234] [2020-10-07 11:21:48,968] WARN {AUDIT_LOG} - Initiator=wso2.system.user Action=Authentication Target=mydomain.COM/jack.chuong Data=null Outcome=Failure Error={"Error Message":"Un-expected error while authenticating","Error Code":"31001"}
TID: [-1234] [2020-10-07 11:21:48,969] WARN {AUDIT_LOG} - Login failed. Unauthorized login attempt 'mydomain.com/jack.chuong[-1234]' at [2020-10-07 11:21:48,968+0700]
1 个解决方案
解决方案1
0 2020-11-10 05:07:55
问题解决了,AD用户被分配到没有任何权限(包括登录)的默认互联网角色,所以我必须创建新角色并分配权限。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.