Wednesday, June 3, 2009

Connecting WSO2 Identity Server 2.0 to an LDAP based user store

WSO2 Identity Server 2.0 is a free and open source identity and entitlement management server, available to download from here...

Here, we'll be discussing all the steps required to deploy WSO2 Identity Server over an LDAP user store.

First we need to set up an LDAP server.

You may download Apache Directory Studio from here and set it up.

This explains everything you need to set it up.

1. Log in to Identity Server as an admin, go to User Manager, and click on 'Add External User Store'.

2. Add your LDAP server settings and click Finish.

3. Click on 'Test Connection' to test the connectivity.

4. Click on 'External Users' and then 'Search' to list users from the external user store.

5. Go back to the previous screen and click on 'External Roles', then 'Add New Internal Roles'. Here we are going to create a new internal role for external users.

6. Give the new role a name.

7. Select a set of permissions.

8. Search users from the external user store and add them to the role.

9. Now we need to map the LDAP attributes to the claims read by Carbon.

10. Default claim dialect for Carbon is Click on it - under 'External User Store'.

11. Click on each claim you want to change and set its attribute name to the corresponding LDAP attribute.

That's it, and we are done. Now users from the LDAP user store can log in to WSO2 Identity Server.