使用Ldap进行worklight服务器身份验证

本文介绍了使用Ldap进行worklight服务器身份验证的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我想使用ApacheDS LDAP对用户进行身份验证，然后将其与我的worklight服务器（自由配置文件）集成。 对于我在http端点元素之后使用以下代码修改了server.xml。

I want to authenticate users using ApacheDS LDAP and then integrate it with my worklight server(liberty profile). For that i modified server.xml with the following code after http endpoint element.

<ldapRegistry id="ldap" > realm="LdapRegistry" host="localhost" port="10389" ignoreCase="true" baseDN="dc=partition1,dc=com" bindDN="uid=admin,ou=system" userFilter="(&(uid=%v)(objectclass=inetOrgPerson))" bindPassword="secret" ldapType="ApacheDS 2.0.0" </ldapRegistry>

"<securityTests> <customSecurityTest name="LDAPSecurityTest"> <test isInternalUserID="true" realm="LDAPRealm"/> </customSecurityTest> <customSecurityTest name="LDAPSecurityTestForWLConsole"> <test isInternalUserID="true" realm="WorklightConsole"/> </customSecurityTest> </securityTests> <realms> <realm loginModule="LDAPLoginModule" name="LDAPRealm"> <className>com.worklight.UsernamePasswordJSONAuthenticator</className> </realm> <realm loginModule="StrongDummy" name="SampleAppRealm"> <className>com.worklight.core.auth.ext.FormBasedAuthenticator</className> </realm> <realm loginModule="LDAPLoginModule" name="WorklightConsole"> <className>com.worklight.core.auth.ext.FormBasedAuthenticator</className> <onLoginUrl>/console</onLoginUrl> </realm> </realms> <loginModules> <loginModule name="LDAPLoginModule"> <className>com.worklight.LDAPLoginModule</className> <parameter name="ldapHost" value="ldap://localhost:10389"/> <parameter name="ldapDomain" value="localhost:10389"/> <parameter name="searchBase" value="dc=partition1,dc=com"/> <!-- In case credentials are successfully validated check user's memberOf property for this string. Can be used to check whether user belongs to specific LDAP unit or group. Leave value empty to skip this check. --> </loginModule> <loginModule name="StrongDummy"> <className>com.worklight.core.auth.ext.NonValidatingLoginModule</className> </loginModule> <loginModule name="requireLogin"> <className>com.worklight.core.auth.ext.SingleIdentityLoginModule</className> </loginModule> </loginModules> </tns:loginConfiguration>

worklight服务器控制台停止工作。 以下来自ibm站点和支持中心的LDAP登录模块，用于配置自由配置文件。 请帮助

The worklight server console stops working. Following LDAP login module from ibm site and support centre for configuring to liberty profile. Kindly help

推荐答案

第一点：我认为LDAP类型ApacheDS 2.0.0不正确。 支持的类型是：

First point: I think that the LDAP type "ApacheDS 2.0.0" is not correct. The supported types are:

Microsoft Active Directory

自定义

IBM Lotus Domino Novell eDirectory

IBM Tivoli Directory Server

Sun Java System Directory Server

Netscape Directory Server

IBM SecureWay Directory Server

Microsoft Active Directory

Custom

IBM Lotus Domino Novell eDirectory

IBM Tivoli Directory Server

Sun Java System Directory Server

Netscape Directory Server

IBM SecureWay Directory Server

所以肯定必须使用自定义。

So surely Custom has to be used.

第二点：你必须添加 userIdMap =*：uid。 所以请尝试：

Second point: you have to add userIdMap="*:uid". So try with:

<ldapRegistry id="ldap" > realm="LdapRegistry" host="localhost" port="10389" ignoreCase="true" baseDN="dc=partition1,dc=com" bindDN="uid=admin,ou=system" userFilter="(&amp;(uid=%v)(objectclass=inetOrgPerson))" userIdMap="*:uid" bindPassword="secret" ldapType="Custom" </ldapRegistry>