我正在使用 Identity Server 4.1.0,并且还在 Apache Directory Studio 中运行 ApacheDS。所以我现在想要的是将我的 IS 连接到外部 LDAP。
IS 与 ldap 的连接良好,只是由于缺少属性定义而引发错误。至少这是我对堆栈跟踪的解释。
我看到其他人也尝试过:
WSO2 外部 LDAP 不工作 https://stackoverflow.com/questions/14735385/wso2-external-ldap-not-working但我的错误是不同的。
我还看到这篇博客中很好地解释了如何使用 Directory Studio,但它似乎都在 IS 的嵌入式 LDAP 上运行:
http://www.soasecurity.org/2012/11/multiple-user-store-manager-feature.html http://www.soasecurity.org/2012/11/multiple-user-store-manager-feature.html
任何帮助表示赞赏!
提前致谢
最好的,
约翰内斯
这里的错误:
TID: [0] [IS] [2013-06-26 15:26:00,220] ERROR
{org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager} - Can
not access the directory context or user already exists in the system
{org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager}
javax.naming.NamingException: [LDAP: error code 80 - OTHER: failed for
MessageType : ADD_REQUEST Message ID : 5
Add Request : Entry
dn[n]: uid=admin,ou=Users,dc=wso2,dc=org
objectClass: identityPerson
uid: admin
sn: admin
userPassword: '0x7B 0x53 0x48 0x41 0x7D 0x30 0x44 0x50 0x69 0x4B 0x75 0x4E 0x49 0x72 0x72 0x56 ...'
cn: admin
ManageDsaITImpl Control
Type OID : '2.16.840.1.113730.3.4.2'
Criticality : 'false' ' : ERR_04269 OBJECT_CLASS for OID identityperson does not exist!]; remaining name 'uid=admin' at
com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3111) at
com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013) at
com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820) at
com.sun.jndi.ldap.LdapCtx.c_bind(LdapCtx.java:400) at
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_bind(ComponentDirContext.java:277)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.bind(PartialCompositeDirContext.java:197)
at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:242)
at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:211)
at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.addInitialData(ReadWriteLDAPUserStoreManager.java:1805)
at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.(ReadWriteLDAPUserStoreManager.java:142)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
Method) at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at
org.wso2.carbon.user.core.common.DefaultRealm.createObjectWithOptions(DefaultRealm.java:225)
at
org.wso2.carbon.user.core.common.DefaultRealm.initializeObjects(DefaultRealm.java:147)
at
org.wso2.carbon.user.core.common.DefaultRealm.init(DefaultRealm.java:113)
at
org.wso2.carbon.user.core.common.DefaultRealmService.initializeRealm(DefaultRealmService.java:223)
at
org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:103)
at
org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:116)
at
org.wso2.carbon.user.core.internal.Activator.startDeploy(Activator.java:67)
at
org.wso2.carbon.user.core.internal.BundleCheckActivator.start(BundleCheckActivator.java:61)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:711)
at java.security.AccessController.doPrivileged(Native Method) at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.startActivator(BundleContextImpl.java:702)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.start(BundleContextImpl.java:683)
at
org.eclipse.osgi.framework.internal.core.BundleHost.startWorker(BundleHost.java:381)
at
org.eclipse.osgi.framework.internal.core.AbstractBundle.resume(AbstractBundle.java:389)
at
org.eclipse.osgi.framework.internal.core.Framework.resumeBundle(Framework.java:1130)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:559)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:544)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.incFWSL(StartLevelManager.java:457)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.doSetStartLevel(StartLevelManager.java:243)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:438)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:1)
at
org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
at
org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:340)
TID: [0] [IS] [2013-06-26 15:26:00,223] ERROR
{org.wso2.carbon.user.core.common.DefaultRealm} - Cannot create
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager
{org.wso2.carbon.user.core.common.DefaultRealm}
java.lang.reflect.InvocationTargetException at
sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at
org.wso2.carbon.user.core.common.DefaultRealm.createObjectWithOptions(DefaultRealm.java:225)
at
org.wso2.carbon.user.core.common.DefaultRealm.initializeObjects(DefaultRealm.java:147)
at
org.wso2.carbon.user.core.common.DefaultRealm.init(DefaultRealm.java:113)
at
org.wso2.carbon.user.core.common.DefaultRealmService.initializeRealm(DefaultRealmService.java:223)
at
org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:103)
at
org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:116)
at
org.wso2.carbon.user.core.internal.Activator.startDeploy(Activator.java:67)
at
org.wso2.carbon.user.core.internal.BundleCheckActivator.start(BundleCheckActivator.java:61)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:711)
at java.security.AccessController.doPrivileged(Native Method) at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.startActivator(BundleContextImpl.java:702)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.start(BundleContextImpl.java:683)
at
org.eclipse.osgi.framework.internal.core.BundleHost.startWorker(BundleHost.java:381)
at
org.eclipse.osgi.framework.internal.core.AbstractBundle.resume(AbstractBundle.java:389)
at
org.eclipse.osgi.framework.internal.core.Framework.resumeBundle(Framework.java:1130)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:559)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:544)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.incFWSL(StartLevelManager.java:457)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.doSetStartLevel(StartLevelManager.java:243)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:438)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:1)
at
org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
at
org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:340)
Caused by: org.wso2.carbon.user.core.UserStoreException: Can not
access the directory context or user already exists in the system at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:251)
at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:211)
at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.addInitialData(ReadWriteLDAPUserStoreManager.java:1805)
at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.(ReadWriteLDAPUserStoreManager.java:142)
... 27 more Caused by: javax.naming.NamingException: [LDAP: error
code 80 - OTHER: failed for MessageType : ADD_REQUEST Message ID : 5
Add Request : Entry
dn[n]: uid=admin,ou=Users,dc=wso2,dc=org
objectClass: identityPerson
uid: admin
sn: admin
userPassword: '0x7B 0x53 0x48 0x41 0x7D 0x30 0x44 0x50 0x69 0x4B 0x75 0x4E 0x49 0x72 0x72 0x56 ...'
cn: admin
ManageDsaITImpl Control
Type OID : '2.16.840.1.113730.3.4.2'
Criticality : 'false' ' : ERR_04269 OBJECT_CLASS for OID identityperson does not exist!]; remaining name 'uid=admin' at
com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3111) at
com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013) at
com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820) at
com.sun.jndi.ldap.LdapCtx.c_bind(LdapCtx.java:400) at
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_bind(ComponentDirContext.java:277)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.bind(PartialCompositeDirContext.java:197)
at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:242)
... 30 more TID: [0] [IS] [2013-06-26 15:26:00,225] ERROR
{org.wso2.carbon.user.core.common.DefaultRealmService} - Cannot
initialize the realm.
{org.wso2.carbon.user.core.common.DefaultRealmService}
org.wso2.carbon.user.core.UserStoreException: nullType class
java.lang.reflect.InvocationTargetException at
org.wso2.carbon.user.core.common.DefaultRealm.createObjectWithOptions(DefaultRealm.java:266)
at
org.wso2.carbon.user.core.common.DefaultRealm.initializeObjects(DefaultRealm.java:147)
at
org.wso2.carbon.user.core.common.DefaultRealm.init(DefaultRealm.java:113)
at
org.wso2.carbon.user.core.common.DefaultRealmService.initializeRealm(DefaultRealmService.java:223)
at
org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:103)
at
org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:116)
at
org.wso2.carbon.user.core.internal.Activator.startDeploy(Activator.java:67)
at
org.wso2.carbon.user.core.internal.BundleCheckActivator.start(BundleCheckActivator.java:61)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:711)
at java.security.AccessController.doPrivileged(Native Method) at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.startActivator(BundleContextImpl.java:702)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.start(BundleContextImpl.java:683)
at
org.eclipse.osgi.framework.internal.core.BundleHost.startWorker(BundleHost.java:381)
at
org.eclipse.osgi.framework.internal.core.AbstractBundle.resume(AbstractBundle.java:389)
at
org.eclipse.osgi.framework.internal.core.Framework.resumeBundle(Framework.java:1130)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:559)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:544)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.incFWSL(StartLevelManager.java:457)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.doSetStartLevel(StartLevelManager.java:243)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:438)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:1)
at
org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
at
org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:340)
Caused by: java.lang.reflect.InvocationTargetException at
sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at
org.wso2.carbon.user.core.common.DefaultRealm.createObjectWithOptions(DefaultRealm.java:225)
... 22 more Caused by: org.wso2.carbon.user.core.UserStoreException:
Can not access the directory context or user already exists in the
system at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:251)
at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:211)
at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.addInitialData(ReadWriteLDAPUserStoreManager.java:1805)
at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.(ReadWriteLDAPUserStoreManager.java:142)
... 27 more Caused by: javax.naming.NamingException: [LDAP: error
code 80 - OTHER: failed for MessageType : ADD_REQUEST Message ID : 5
Add Request : Entry
dn[n]: uid=admin,ou=Users,dc=wso2,dc=org
objectClass: identityPerson
uid: admin
sn: admin
userPassword: '0x7B 0x53 0x48 0x41 0x7D 0x30 0x44 0x50 0x69 0x4B 0x75 0x4E 0x49 0x72 0x72 0x56 ...'
cn: admin
ManageDsaITImpl Control
Type OID : '2.16.840.1.113730.3.4.2'
Criticality : 'false' ' : ERR_04269 OBJECT_CLASS for OID identityperson does not exist!]; remaining name 'uid=admin' at
com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3111) at
com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013) at
com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820) at
com.sun.jndi.ldap.LdapCtx.c_bind(LdapCtx.java:400) at
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_bind(ComponentDirContext.java:277)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.bind(PartialCompositeDirContext.java:197)
at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:242)
... 30 more TID: [0] [IS] [2013-06-26 15:26:00,226] ERROR
{org.wso2.carbon.user.core.internal.Activator} - Cannot start User
Manager Core bundle {org.wso2.carbon.user.core.internal.Activator}
org.wso2.carbon.user.core.UserStoreException: Cannot initialize the
realm. at
org.wso2.carbon.user.core.common.DefaultRealmService.initializeRealm(DefaultRealmService.java:227)
at
org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:103)
at
org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:116)
at
org.wso2.carbon.user.core.internal.Activator.startDeploy(Activator.java:67)
at
org.wso2.carbon.user.core.internal.BundleCheckActivator.start(BundleCheckActivator.java:61)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:711)
at java.security.AccessController.doPrivileged(Native Method) at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.startActivator(BundleContextImpl.java:702)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.start(BundleContextImpl.java:683)
at
org.eclipse.osgi.framework.internal.core.BundleHost.startWorker(BundleHost.java:381)
at
org.eclipse.osgi.framework.internal.core.AbstractBundle.resume(AbstractBundle.java:389)
at
org.eclipse.osgi.framework.internal.core.Framework.resumeBundle(Framework.java:1130)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:559)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:544)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.incFWSL(StartLevelManager.java:457)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.doSetStartLevel(StartLevelManager.java:243)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:438)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:1)
at
org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
at
org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:340)
Caused by: org.wso2.carbon.user.core.UserStoreException: nullType
class java.lang.reflect.InvocationTargetException at
org.wso2.carbon.user.core.common.DefaultRealm.createObjectWithOptions(DefaultRealm.java:266)
at
org.wso2.carbon.user.core.common.DefaultRealm.initializeObjects(DefaultRealm.java:147)
at
org.wso2.carbon.user.core.common.DefaultRealm.init(DefaultRealm.java:113)
at
org.wso2.carbon.user.core.common.DefaultRealmService.initializeRealm(DefaultRealmService.java:223)
... 19 more Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
Method) at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at
org.wso2.carbon.user.core.common.DefaultRealm.createObjectWithOptions(DefaultRealm.java:225)
... 22 more Caused by: org.wso2.carbon.user.core.UserStoreException:
Can not access the directory context or user already exists in the
system at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:251)
at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:211)
at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.addInitialData(ReadWriteLDAPUserStoreManager.java:1805)
at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.(ReadWriteLDAPUserStoreManager.java:142)
... 27 more Caused by: javax.naming.NamingException: [LDAP: error
code 80 - OTHER: failed for MessageType : ADD_REQUEST Message ID : 5
Add Request : Entry
dn[n]: uid=admin,ou=Users,dc=wso2,dc=org
objectClass: identityPerson
uid: admin
sn: admin
userPassword: '0x7B 0x53 0x48 0x41 0x7D 0x30 0x44 0x50 0x69 0x4B 0x75 0x4E 0x49 0x72 0x72 0x56 ...'
cn: admin
ManageDsaITImpl Control
Type OID : '2.16.840.1.113730.3.4.2'
Criticality : 'false' ' : ERR_04269 OBJECT_CLASS for OID identityperson does not exist!]; remaining name 'uid=admin' at
com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3111) at
com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013) at
com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820) at
com.sun.jndi.ldap.LdapCtx.c_bind(LdapCtx.java:400) at
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_bind(ComponentDirContext.java:277)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.bind(PartialCompositeDirContext.java:197)
at
org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doAddUser(ReadWriteLDAPUserStoreManager.java:242)
... 30 more
<UserManager>
<Realm>
<Configuration>
<AdminRole>admin</AdminRole>
<AdminUser>
<UserName>admin</UserName>
<Password>admin</Password>
</AdminUser>
<EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in this role sees the registry root -->
<Property name="dataSource">jdbc/WSO2CarbonDB</Property>
<Property name="MultiTenantRealmConfigBuilder">org.wso2.carbon.user.core.config.multitenancy.CommonLDAPRealmConfigBuilder</Property>
</Configuration>
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
<!--Property name="defaultRealmName">EXAMPLE.COM</Property-->
<Property name="ConnectionURL">ldap://localhost:10389</Property>
<Property name="ConnectionName">uid=admin,ou=system</Property>
<Property name="ConnectionPassword">secret</Property>
<Property name="passwordHashMethod">PLAIN_TEXT</Property>
<Property name="UserNameListFilter">(objectClass=person)</Property>
<Property name="UserEntryObjectClass">inetOrgPerson</Property>
<Property name="UserSearchBase">ou=system</Property>
<!--Property name="UserSearchBase">ou=Users,dc=example,dc=com</Property-->
<Property name="UserNameSearchFilter">(&(objectClass=person)(uid=?))</Property>
<Property name="UserNameAttribute">uid</Property>
<Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="UsernameJavaScriptRegEx">^[\\S]{3,30}$</Property>
<Property name="RolenameJavaScriptRegEx">^[\\S]{3,30}$</Property>
<Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="PasswordJavaScriptRegEx">^[\\S]{5,30}$</Property>
<Property name="ReadLDAPGroups">true</Property>
<Property name="WriteLDAPGroups">true</Property>
<Property name="EmptyRolesAllowed">false</Property>
<Property name="GroupSearchBase">ou=system</Property>
<!--Property name="GroupSearchBase">ou=Groups,dc=example,dc=com</Property-->
<Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
<Property name="GroupEntryObjectClass">groupOfNames</Property>
<Property name="GroupNameSearchFilter">(&(objectClass=groupOfNames)(cn=?))</Property>
<Property name="GroupNameAttribute">cn</Property>
<Property name="MembershipAttribute">member</Property>
<Property name="UserRolesCacheEnabled">true</Property>
<!-- added by joe -->
<!--Property name="UserDNPattern">uid={0},ou=Users,dc=example,dc=com</Property-->
<Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
<Property name="maxFailedLoginAttempt">0</Property>
</UserStoreManager>
<AuthorizationManager
class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
<Property name="AdminRoleManagementPermissions">/permission</Property>
<Property name="AuthorizationCacheEnabled">true</Property>
</AuthorizationManager>
</Realm>