Configure a Read-Write LDAP as a Secondary User Store in WSO2 EI

Rusiri Illesinghe
Feb 15, 2023


You might already know that we can have a number of secondary user stores in WSO2 Enterprise Integrator (EI), depending on the use case :)

For this article I’m using WSO2 EI version 6.6.0.

How to configure LDAP?

WSO2 Identity Server (IS) ships with an in-house Lightweight Directory Access Protocol (LDAP) server! You can use it by starting the IS product pack. I’m using WSO2 IS 5.11.0 in this article.

Let’s start !!

Start the WSO2 Identity Server

1. First you have to download the WSO2 IS 5.11.0 pack. You can get it from here.

2. Get the latest updates by running the following command inside <product home>/bin

./wso2update_darwin

3. Then start the server from the same location where you updated the pack. You have to provide a port offset here because EI uses the same ports that the IS server uses by default. Hence I’m using an offset of 1.

sh wso2server.sh -DportOffset=1

The carbon console for the WSO2 Identity Server will then be up and running on port 9444 (9443 is the default, shifted by the offset).

The port in the connection URL for the in-house LDAP in IS is 10389 by default. But we started the IS pack with offset = 1, hence the port in the connection URL will be 10390.

Start the Enterprise Integrator

4. Download the WSO2 EI 6.6.0 pack and get the latest updates as in step 2.

5. Start the EI pack by running the following command from the same location where you updated the pack.

sh integrator.sh

The EI will be up and running on port 9443.

Create the Secondary User Store

6. Access the carbon console of the EI from the URL https://localhost:9443/carbon/admin/login.jsp

7. Go to the Configure section in the left menu. Select User Stores → Add to add a new user store. For User Store Manager Class, select org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager from the dropdown.

8. Create a user store by providing a domain name and the other configurations. You can refer to the official documentation here to get the configs in detail. Here’s a sample config:

  • Domain Name: abc
  • Connection URL: ldap://localhost:10390
  • Connection Name: uid=admin,ou=system
  • Connection Password: admin
  • User Search Base: ou=Users,dc=wso2,dc=org

9. Go to the Main section in the left menu. Select Users and Roles → Add → Add New User.

10. In the domain dropdown, select the domain you provided in step 8. In this case it’s abc.

Add several users selecting the domain as above. The ‘user1’ and ‘user2’ in the following image are some example users.

Cheers!! You have created the secondary LDAP user store!
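As an added example (not from the original article or from WSO2), the following Python script audits the step 8 sample settings, written in the XML property form of a user store definition, for cleartext transport and default bind credentials before the same values are reused outside a local test. The XML sample is constructed from the article's values; the weak-password list and the severity labels are assumptions.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample: the article's step 8 values in user store XML property form.
SAMPLE_XML = """
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
  <Property name="DomainName">abc</Property>
  <Property name="ConnectionURL">ldap://localhost:10390</Property>
  <Property name="ConnectionName">uid=admin,ou=system</Property>
  <Property name="ConnectionPassword">admin</Property>
  <Property name="UserSearchBase">ou=Users,dc=wso2,dc=org</Property>
</UserStoreManager>
"""

LOOPBACK = {"localhost", "127.0.0.1", "::1"}
ARTICLE_BIND_DN = "uid=admin,ou=system"  # administrator bind DN from the article's sample
WEAK_PASSWORDS = {"", "admin", "password", "secret"}  # assumption: illustrative list


def load_properties(xml_text):
    """Return the <Property name=...> values of a user store definition as a dict."""
    root = ET.fromstring(xml_text)
    return {p.get("name"): (p.text or "").strip() for p in root.iter("Property")}


def audit_user_store(xml_text):
    """Return a list of (severity, message) findings for one user store."""
    props = load_properties(xml_text)
    findings = []
    url = urlparse(props.get("ConnectionURL", ""))
    if url.scheme == "ldap":
        # Plain LDAP carries the bind password and user attributes unencrypted.
        severity = "low" if url.hostname in LOOPBACK else "high"
        findings.append((severity, f"cleartext LDAP to {url.hostname}:{url.port}"))
    bind_dn = props.get("ConnectionName", "").replace(" ", "").lower()
    if bind_dn == ARTICLE_BIND_DN:
        findings.append(("medium", "binds as the directory administrator"))
    if props.get("ConnectionPassword", "").lower() in WEAK_PASSWORDS:
        findings.append(("high", "empty, default or guessable bind password"))
    if not props.get("UserSearchBase"):
        findings.append(("medium", "no UserSearchBase; searches are not scoped"))
    return findings


if __name__ == "__main__":
    for severity, message in audit_user_store(SAMPLE_XML):
        print(f"[{severity}] {message}")
```

Run against the article's values, it reports the loopback cleartext connection as low severity and the administrator bind with password admin as the items to change first.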

See you !!!
