1

We managed to setup LDAP as a secondary User Store in the WSO2 Governance Registry Management Console 5.3.0 (Carbon). We see the Users/Roles were loaded correctly and we can access Management Console (Carbon) with those users.

However despite of the LDAP users having "Internal/store" permission, they cannot access/sign in to WSO2 Governance Center - STORE. The error on the Sign In page is: "Insufficient priveleages to access the Store application."

Jo2o
  • 11
  • 4
  • In your CARBON_HOME/repository/conf/user-mgt.xml, inside the AuthorizationManager Block have you set the GetAllRolesOfUserEnabled property to true? the default is false and has caused this issue for me before. – jchaplin May 10 '17 at 15:58
  • thanks so much for the hint, however my problem was that I did not specify the domain name in front of the username – Jo2o May 11 '17 at 11:51

1 Answers1

0

Managed to solve the problem just with putting the domain name of the User Store and forward slash in front of the LDAP username: <domain_name>/<user_name>

When the username is specified without the domain name, the Store application gives misleading error: "Insufficient priveleages to access the Store application." I think it should respond with different error, for example: "The provided username and password combination is incorrect."

Jo2o
  • 11
  • 4