我正在IBM App Connect v11.0.0.6中尝试在Pet Store REST API上设置LDAP Auth。为此,我遵循了以下指南:
为LDAP 创建安全配置文件
我用我的";宠物;REST API将策略部署到同一个集成节点,然后在流属性中尝试选择ldapPolicy,但它不存在。当我手动输入并部署时,我会出现以下错误:
Begin running task [Deploying [pet.bar] to integration server [InteriorIntegration]]
The BAR file C:/WorkDir/workspace/pet/pet.bar has been deployed to InteriorIntegration but there were one or more failures which may mean the deployed resources will be unable to execute.
The following message was received:
BIP9339W: The values defined in the policy(s) 'ldapPolicy' in policy project 'ldapTest' match the values of the existing policy(s). Any deployed resources using the policy(s) will not be affected by the redeploy of the policy project.
BIP4761E: The message flow attempted to use 'SecurityProfiles' policy 'ldapPolicy', which has not been defined in the integration server.
BIP9320E: Message Flow 'gen.pet', 'gen.pet' encountered a failure and could not start.
BIP4761E: The message flow attempted to use 'SecurityProfiles' policy 'ldapPolicy', which has not been defined in the integration server.
BIP4761E: The message flow attempted to use 'SecurityProfiles' policy 'ldapPolicy', which has not been defined in the integration server.
BIP9320E: Message Flow 'gen.pet', 'gen.pet' encountered a failure and could not start.
BIP4761E: The message flow attempted to use 'SecurityProfiles' policy 'ldapPolicy', which has not been defined in the integration server.
BIP9333W: RestAPI 'pet' has been changed but contains errors which has prevented some resources from starting.
BIP1096E: The source 'pet.bar' has been deployed but there were one or more failures which may mean the deployed resources will be unable to execute.
The task did not complete successfully: The deployment was partially successful. Check error messages for explanation.
这是我的策略XML:
<?xml version="1.0" encoding="UTF-8"?>
<policies>
<policy policyType="SecurityProfiles" policyName="ldapPolicy" policyTemplate="SecurityProfiles">
<authentication>LDAP</authentication>
<authenticationConfig>ldap://example.com:389/ou=example</authenticationConfig>
<mapping>NONE</mapping>
<mappingConfig></mappingConfig>
<authorization>LDAP</authorization>
<authorizationConfig>ldap://example.com:389/ou=example</authorizationConfig>
<propagation>false</propagation>
<idToPropagateToTransport>Message ID</idToPropagateToTransport>
<transportPropagationConfig></transportPropagationConfig>
<keyStore>Reserved for future use</keyStore>
<trustStore>Reserved for future use</trustStore>
<passwordValue>PLAIN</passwordValue>
<rejectBlankpassword>true</rejectBlankpassword>
</policy>
</policies>
我错过了什么?
注:
BIP9339W: The values defined in the policy(s) 'ldapPolicy' in policy project 'ldapTest' match the values of the existing policy(s). Any deployed resources using the policy(s) will not be affected by the redeploy of the policy project.
编辑:我认为发生上述错误是因为ldapTest已经部署(?(。如果是,为什么我不能在安全配置文件下拉列表中选择此策略?
事件日志错误:
( Int.Server ) The message flow attempted to use ''SecurityProfiles'' policy ''ldapPolicy'', which has not been defined in the integration server.
Policies need to be set on the integration server. Use the administrative REST API to check that a '''SecurityProfiles'' policy called ''ldapPolicy' exists.
Use the toolkit to create the required policy and deploy it to the integration server, or adjust the message flow to avoid requiring the policy.
经过几天的尝试,我在文档中找到了答案,并进行了反复尝试,我发现要设置安全配置文件名称字段,必须使用特殊语法:
{PolicyProjectName}:PolicyName
因此,例如,如果您创建并部署MyPolicies项目,并且想要使用MyPolicy策略,则必须在Security Profile Name:中键入
{MyPolicies}:MyPolicy