WSO2 API manager: ActiveDirectory as second user store

Question

I have create my configuration file for the second user store here: /opt/wso2am-1.7.0/repository/deployment/server/userstores i named it with the name of my domain (sub_dom_local.xml my domain is sub.dom.local) and I set as primary user store a jdbc store. When I try to login with a domain user name I obtain this error: [2014-06-25 10:48:39,828] ERROR - System error while Authenticating/Authorizing User : [Ljava.lang.Object; cannot be cast to [Ljava.lang.String; {org.wso2.carbon.core.services.authentication.AuthenticationAdmin}

I am sure than I have insert the correct username and password, I enabled the debug loggr and I see in the log that the Authentication procedure connected to the Active directory and retrieve all the information. If I insert a wrong password i do not have the error but I have the information for the wrong password. Could you help me? Thanks Jack

Answer 1

Try this configuration:

<UserStoreManager class="org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager">
...
 <Property name="MemberOfAttribute"/>
...
</UserStoreManager>

You do not specify the MemberOfAttribute. Matteo

Answer 2

When the ActiveDirectoryUserStoreManager is enabled it seems we need to enable GetAllRolesOfUserEnabled property in Authorization manager as follows in user manager configuration

`<AuthorizationManager class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
<Property name="AdminRoleManagementPermissions">/permission</Property>
<Property name="AuthorizationCacheEnabled">true</Property>
<Property name="GetAllRolesOfUserEnabled">true</Property>
</AuthorizationManager>

`

Otherwise it is throwing the exception you have mentioned.