
WSO2 Tenant authentication failed

I can't create users in a specific tenant (domain) in WSO2 Identity Server 5.7.0.

First I create a new domain, using SOAP `/services/TenantMgtAdminService`:

```xml
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://services.mgt.tenant.carbon.wso2.org" xmlns:xsd="http://beans.common.stratos.carbon.wso2.org/xsd">
   <soapenv:Header/>
   <soapenv:Body>
      <ser:addTenant>
         <!--Optional:-->
         <ser:tenantInfoBean>
            <!--Optional:-->
            <xsd:active>true</xsd:active>
            <!--Optional:-->
            <xsd:admin>admin</xsd:admin>
            <!--Optional:-->
            <xsd:adminPassword>admin</xsd:adminPassword>
            <!--Optional:-->
            <xsd:createdDate>2019-07-01T00:00:00</xsd:createdDate>
            <!--Optional:-->
            <xsd:email>admin@test.com</xsd:email>
            <!--Optional:-->
            <xsd:firstname>admin</xsd:firstname>
            <!--Optional:-->
            <xsd:lastname>user</xsd:lastname>
            <!--Optional:-->
            <xsd:originatedService>?</xsd:originatedService>
            <!--Optional:-->
            <xsd:successKey>true</xsd:successKey>
            <!--Optional:-->
            <xsd:tenantDomain>test.com</xsd:tenantDomain>
            <!--Optional:-->
            <xsd:tenantId>1</xsd:tenantId>
            <!--Optional:-->
            <xsd:usagePlan>demo</xsd:usagePlan>
         </ser:tenantInfoBean>
      </ser:addTenant>
   </soapenv:Body>
</soapenv:Envelope>
```

Now I activate the previous domain:

```xml
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://services.mgt.tenant.carbon.wso2.org">
   <soapenv:Header/>
   <soapenv:Body>
      <ser:activateTenant>
         <!--Optional:-->
         <ser:tenantDomain>test.com</ser:tenantDomain>
      </ser:activateTenant>
   </soapenv:Body>
</soapenv:Envelope>
```

I wish to create users in the new domain or tenant. I use curl with the SCIM API:

```sh
curl -k --user admin@test.com:admin --data '{"schemas":[],"name":{"familyName":"John","givenName":"Doe"},"userName":"newtestuser","password":"testPwd123"}' --header "Content-Type:application/json" https://localhost:9443/wso2/scim/Users
```

My WSO2 IS is configured to use the email address as the username.

My log for the new user:

```
[2019-07-13 11:23:13,380] ERROR {org.wso2.carbon.identity.scim.provider.auth.BasicAuthHandler} -  Authentication failed for the user: admin@test.com@carbon.super
```

What am I doing wrong? Or what am I missing?

If you are using email as username, the tenant's admin username also should be an email.

Hence, your curl should be as follows:

```sh
curl -k --user admin@test.com@test.com:admin --data '{"schemas":[],"name":{"familyName":"John","givenName":"Doe"},"userName":"newtestuser@abc.com","password":"testPwd123"}' --header "Content-Type:application/json" https://localhost:9443/t/test.com/scim2/Users
```

Here the SCIM endpoint of the tenant test.com should be: https://localhost:9443/t/test.com/scim2/Users

The username should be: newtestuser@abc.com (email as username)

Basic Authentication: admin@test.com@test.com (as this is a tenant user, we need to add the tenant domain as well).
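The following is an added example, not part of the original answer and not WSO2's own code. It is a simplified model of how a login string is split into user and tenant, chosen to be consistent with the log line in the question and the corrected curl call above; the function names are hypothetical, and the super-tenant path `/scim2/Users` is an assumption.

```python
import base64

SUPER_TENANT = "carbon.super"  # super-tenant name as it appears in the page's log line


def split_login(login, email_as_username):
    """Return (username, tenant_domain) for a login string.

    Assumed model: the text after the LAST '@' is the tenant domain.
    With email-as-username, one '@' belongs to the e-mail address itself,
    so a login with a single '@' falls back to the super tenant.
    """
    needed = 2 if email_as_username else 1
    if login.count("@") < needed:
        return login, SUPER_TENANT
    user, _, tenant = login.rpartition("@")
    return user, tenant


def build_scim_request(host, login, password, email_as_username=True):
    """Describe the SCIM2 call a login string leads to (hypothetical helper)."""
    user, tenant = split_login(login, email_as_username)
    # Tenant-scoped endpoint as given in the answer; super-tenant path is assumed.
    path = "/scim2/Users" if tenant == SUPER_TENANT else "/t/%s/scim2/Users" % tenant
    token = base64.b64encode(("%s:%s" % (login, password)).encode()).decode()
    return {
        "resolved": "%s@%s" % (user, tenant),  # form the server logs on failure
        "url": "https://%s%s" % (host, path),
        "authorization": "Basic " + token,
    }


if __name__ == "__main__":
    # Constructed inputs taken from the question and the answer on this page.
    for login in ("admin@test.com", "admin@test.com@test.com"):
        req = build_scim_request("localhost:9443", login, "admin")
        print(login, "->", req["resolved"], req["url"])
```

The first login resolves to `admin@test.com@carbon.super`, the identity in the error log, which is why the credentials were checked against the wrong tenant.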
