From: Tim K. <t.k...@fz...> - 2018-01-16 13:40:20
Dear Krzysztof,

I have a question about registration forms combined with ldapWeb. I'm using Unity-IdM version 2.3.0. The registration form should be called whenever a (local) unknown user has logged in via ldapWeb at an OAuth2Authz endpoint. What I want to achieve is that new users need to confirm their email address before they can use the service / before they get a local Unity-IdM entity. When an unknown user logs in, the log shows:

2018-01-16T14:05:49,938 [qtp2016562839-38] DEBUG unity.server.externaltranslation.InputTranslationRule: [[TrProfile ldapTP], [r: 1]]Condition OK
2018-01-16T14:05:49,963 [qtp2016562839-38] DEBUG unity.server.externaltranslation.MapIdentityAction: [[TrProfile ldapTP], [r: 1], [ldap - uid=kreuzer1,ou=webusers,ou=jsc,dc=fz-juelich,dc=de]]Mapped identity: [x500Name] uid=kreuzer1,ou=webusers,ou=jsc,dc=fz-juelich,dc=de
2018-01-16T14:05:49,964 [qtp2016562839-38] DEBUG unity.server.externaltranslation.InputTranslationRule: [[TrProfile ldapTP], [r: 2]]Condition OK
2018-01-16T14:05:49,975 [qtp2016562839-38] DEBUG unity.server.externaltranslation.MapAttributeAction: [[TrProfile ldapTP], [r: 2], [ldap - uid=kreuzer1,ou=webusers,ou=jsc,dc=fz-juelich,dc=de]]Mapped attribute: email: [{"value":"t.k...@fz...","confirmationData":{"confirmed":false,"confirmationDate":0,"sentRequestAmount":0},"tags":[]}]
2018-01-16T14:05:49,979 [qtp2016562839-38] DEBUG unity.server.externaltranslation.InputTranslationEngineImpl: No identity needs to be added
2018-01-16T14:05:49,980 [qtp2016562839-38] INFO unity.server.externaltranslation.InputTranslationEngineImpl: The mapped identity does not exist in database and was not created. The creation of groups and attributes is skipped, the mapped groups and attributes will be available for the registration form (if any)
2018-01-16T14:05:56,512 [pool-2-thread-4] DEBUG unity.server.EntitiesScheduledUpdater: Performing scheduled operations on entities

But a registration form is never shown. In the web browser there is a red rectangle with "Authentication failed - Invalid user name, credential or external authentication failed.".

Is a registration form in combination with an OAuth2Authz endpoint / "ldap with web-password" authenticator possible? If yes, which part of the configuration have I missed?

I attached the complete log file and my configuration.

Thank you very much in advance,
Tim Kreuzer

PS: To see my configured registration form or translation profile, please look into configuration.conf.

--
M.Sc. Tim Kreuzer
Federated Systems and Data
Jülich Supercomputing Centre, http://www.fz-juelich.de/jsc
Phone: +49 2461 61-1583
-----------------------------------------------------------------------
Forschungszentrum Juelich GmbH
52425 Juelich
Registered office: Juelich
Registered in the commercial register of the district court (Amtsgericht) of Dueren, No. HR B 3498
Chairman of the Supervisory Board: MinDir Dr. Karl Eugen Huthmacher
Management Board: Prof. Dr.-Ing. Wolfgang Marquardt (Chairman), Karsten Beneke (Deputy Chairman), Prof. Dr.-Ing. Harald Bolt, Prof. Dr. Sebastian M. Schmidt
-----------------------------------------------------------------------
From: Krzysztof B. <kb...@un...> - 2018-01-19 11:36:22
Dear Tim,

On 16.01.2018 at 14:39, Tim Kreuzer wrote:
> Dear Krzysztof,
>
> I have a question about registration forms combined with ldapWeb. I'm
> using Unity-IdM version 2.3.0. The registration form should be called
> whenever a (local) unknown user has logged in via ldapWeb at an
> OAuth2Authz endpoint. What I want to achieve is that new users need to
> confirm their email address before they can use the service / before
> they get a local Unity-IdM entity. When an unknown user logs in, the
> log shows:
>
> 2018-01-16T14:05:49,938 [qtp2016562839-38] DEBUG unity.server.externaltranslation.InputTranslationRule: [[TrProfile ldapTP], [r: 1]]Condition OK
> 2018-01-16T14:05:49,963 [qtp2016562839-38] DEBUG unity.server.externaltranslation.MapIdentityAction: [[TrProfile ldapTP], [r: 1], [ldap - uid=kreuzer1,ou=webusers,ou=jsc,dc=fz-juelich,dc=de]]Mapped identity: [x500Name] uid=kreuzer1,ou=webusers,ou=jsc,dc=fz-juelich,dc=de
> 2018-01-16T14:05:49,964 [qtp2016562839-38] DEBUG unity.server.externaltranslation.InputTranslationRule: [[TrProfile ldapTP], [r: 2]]Condition OK
> 2018-01-16T14:05:49,975 [qtp2016562839-38] DEBUG unity.server.externaltranslation.MapAttributeAction: [[TrProfile ldapTP], [r: 2], [ldap - uid=kreuzer1,ou=webusers,ou=jsc,dc=fz-juelich,dc=de]]Mapped attribute: email: [{"value":"t.k...@fz...","confirmationData":{"confirmed":false,"confirmationDate":0,"sentRequestAmount":0},"tags":[]}]
> 2018-01-16T14:05:49,979 [qtp2016562839-38] DEBUG unity.server.externaltranslation.InputTranslationEngineImpl: No identity needs to be added
> 2018-01-16T14:05:49,980 [qtp2016562839-38] INFO unity.server.externaltranslation.InputTranslationEngineImpl: The mapped identity does not exist in database and was not created. The creation of groups and attributes is skipped, the mapped groups and attributes will be available for the registration form (if any)
> 2018-01-16T14:05:56,512 [pool-2-thread-4] DEBUG unity.server.EntitiesScheduledUpdater: Performing scheduled operations on entities
>
> But a registration form is never shown. In the web browser there is a red
> rectangle with "Authentication failed - Invalid user name, credential
> or external authentication failed.".
> Is a registration form in combination with an OAuth2Authz endpoint
> / "ldap with web-password" authenticator possible? If yes, which part
> of the configuration have I missed?
> I attached the complete log file and my configuration.

In the case of LDAP authentication, which is mixed (so that the credential is collected locally but verified externally, in contrast to OAuth or SAML where everything is performed externally), the configuration of the registration form for unknown users is slightly different. Please read the end of section 6.3 in the documentation to see how to enable your registration form.

HTH
Krzysztof
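
For operators triaging the situation discussed in this thread, the following is an added example (not part of either message and not Unity-IdM code) that scans a server log for remote logins whose mapped identity was not created, and reports the identity and the confirmation state of each mapped attribute. It assumes the log layout shown in the excerpt above; the sample lines, DN and address are constructed placeholders.

```python
import json
import re

# Constructed sample in the layout of the excerpt above (placeholder DN and address).
SAMPLE_LOG = """\
2018-01-16T14:05:49,963 [qtp-38] DEBUG unity.server.externaltranslation.MapIdentityAction: [[TrProfile ldapTP], [r: 1], [ldap - uid=alice,ou=people,dc=example,dc=org]]Mapped identity: [x500Name] uid=alice,ou=people,dc=example,dc=org
2018-01-16T14:05:49,975 [qtp-38] DEBUG unity.server.externaltranslation.MapAttributeAction: [[TrProfile ldapTP], [r: 2], [ldap - uid=alice,ou=people,dc=example,dc=org]]Mapped attribute: email: [{"value":"alice@example.org","confirmationData":{"confirmed":false,"confirmationDate":0,"sentRequestAmount":0},"tags":[]}]
2018-01-16T14:05:49,980 [qtp-38] INFO unity.server.externaltranslation.InputTranslationEngineImpl: The mapped identity does not exist in database and was not created. The creation of groups and attributes is skipped
2018-01-16T14:05:56,512 [pool-2-thread-4] DEBUG unity.server.EntitiesScheduledUpdater: Performing scheduled operations on entities
"""

# timestamp [thread] LEVEL logger: message
LINE = re.compile(r"^(\S+) \[([^\]]+)\] (\w+) (\S+): (.*)$")
IDENTITY = re.compile(r"Mapped identity: \[(\w+)\] (.+)$")
ATTRIBUTE = re.compile(r"Mapped attribute: (\w+): (\[.*\])$")
NOT_CREATED = "does not exist in database and was not created"


def unknown_user_logins(log_text):
    """Return one record per login whose mapped identity was not created."""
    state = {}    # per-thread record of the translation currently in progress
    results = []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # continuation line or a different log format
        timestamp, thread, _level, _logger, message = m.groups()
        if hit := IDENTITY.search(message):
            # Pool threads are reused, so a new mapped identity starts a fresh record.
            state[thread] = {"identity": hit.group(1, 2), "attributes": {}}
        elif (hit := ATTRIBUTE.search(message)) and thread in state:
            values = json.loads(hit.group(2))
            state[thread]["attributes"][hit.group(1)] = [
                (v["value"], v.get("confirmationData", {}).get("confirmed"))
                for v in values
            ]
        elif NOT_CREATED in message and thread in state:
            results.append({"time": timestamp, "thread": thread, **state.pop(thread)})
    return results


if __name__ == "__main__":
    for record in unknown_user_logins(SAMPLE_LOG):
        print(record)
```

Each returned record pairs the remote identity with the attributes that would be handed to a registration form, which makes it easy to see which users reached the unknown-user path and whether their email was still unconfirmed.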