工作灯是基于Tomcat的配置自由配置文件配置 [英] Worklight WAS Liberty profile configuration based on Tomcat configuration

问题描述

有关试点项目，我们已经建立了一个用的是自由曲线的工作灯服务器。我们立足它放在一个Tomcat服务器（用于RTC）在同一台机器上的配置LDAP配置，但他们似乎并不propertly映射到对方（在这个意义上，我们不能只是复制粘贴配置。我们已经走过的地方登录到LDAP服务器（Active Directory服务器）的工作点，但是登录不工作，不从失败的登录日志中返回的错误信息分开。我我相当肯定绑定到LDAP服务器的成功，在配置更改密码的任何其他值，以正确的时候，因为，日志显示了关于这一个问题。

For a Pilot project we've set up a Worklight server on a WAS using the Liberty profile. We're basing it on the configuration LDAP configuration of a Tomcat server (used for RTC) on the same machine, but they don't seem to map propertly to each other (in the sense that we can't just "copy-paste" the configuration. We've come to the point where logging into the LDAP server (An Active Directory server) works, but the login doesn't work and doesn't return any error message apart from a failed login in the logs. I am rather sure the binding to the LDAP server succeeds, since when changing the password in the configuration to any other value to the correct one, the log shows a problem regarding it.

是否可以看看这些配置，看看有什么地方出错了？

Is it possible to take a look at these configurations and see what could be wrong?

的配置如下：

有关Tomcat服务器：

For the Tomcat server:

<Realm className="org.apache.catalina.realm.JNDIRealm" 
connectionName="OurCompanyName\JAZZ" connectionPassword="password" 
connectionURL="ldap://servername:389" debug="99" 
referrals="follow" 
roleBase="OU=Security Groups,OU=MyBusiness,DC=OurCompanyName,DC=local" 
roleName="cn" roleSearch="(member={0})" roleSubtree="true"  
userBase="OU=SBSUsers,OU=Users,OU=MyBusiness,DC=OurCompanyName,DC=local" 
userSearch="(sAMAccountName={0})" 
userSubtree="true">

有关WAS的自由简介：

For the WAS Liberty profile:

<ldapRegistry 
ldapType="Microsoft Active Directory"
bindDN="OurCompanyName\JAZZ"
bindPassword="password" 
baseDN="OU=Security Groups,OU=MyBusiness,DC=OurCompanyName,DC=local"
host="servername" 
id="ActiveDirectoryLDAP"
port="389" 
ignoreCase="true" 
userFilter="&amp;(sAMAccountname={0})"
groupFilter="&amp;(member={0})"     
referral="follow"
roleSubtree="true"
userSubtree="true"
userIdMap="*:uid"
groupIdMap="*:cn"
debug="99"> 
</ldapRegistry>

谢谢

克里斯托夫

推荐答案

什么是你的自由配置文件的版本？

What is the version of your Liberty Profile ?

的全力支持自由转介仅在8.5.5.1（或8.5.5.0用的iFix）和属性名是转诊不推荐（见的 http://www-01.ibm.com/support/docview.wss?uid=swg1PM96984 ）

The full support of referrals in Liberty is only in 8.5.5.1 (or 8.5.5.0 with an iFix) and the property name is referal not referral (see http://www-01.ibm.com/support/docview.wss?uid=swg1PM96984)

您还必须定义属性loginProperty =UID（尚未证明）。此外roleSubtree，userSubree，调试似乎不支持。

You must define also an attribute loginProperty="uid" (not yet documented). Also roleSubtree, userSubree, debug seem not supported.

这篇关于工作灯是基于Tomcat的配置自由配置文件配置的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！