Connecting Open LDAP to Micro Integrator and configuring the Monitoring Dashboard
When the developers build integrations and deploy in the environments, the users should be able to see the deployment status. This facilitates by the WSO2 Micro Integrator Monitoring Dashboard (MI Dashboard).
In the current MI dashboard, two roles are provided which are “admin” and “non-admin”. All the users in the LDAP will be non-admin users. The user with an “admin” role can login to the dashboard and provide the other users with the “admin” role and create users and provide with roles if necessary.
Customers frequently asks how to integrate there own LDAP to the dashboard, so that they can provide there own employees to access the dashboard. It is quite simple as follows.
How Micro Integrator and Dashboard Communication Works
- Micro integrator server registers it self with the provided dashboard runtime in MI deployment.toml
- The dashboard periodically sends heartbeats to check the availability of the server.
- When a user logs into the dashboard, it will send an request to the management API of the micro integrator for user authentication using the LDAP credentials available in the MI dashboard deployment.toml.
Configuring Micro Integrator and the Dashboard
You could refer to the documentation on how to configure the communication between MI and Dashboard.
Additionally, with respect to the LDAP that is being used, the following configurations has to be changed.
If the users and admin group are defined as below,
The userstore configuration in the MI deployment has to be in the following manner with the following attributes.
[user_store]
connection_url = "ldap://localhost:10389"
connection_name = "cn=admin,dc=seller-delivery,dc=com"
class = "org.wso2.micro.integrator.security.user.core.ldap.ReadWriteLDAPUserStoreManager"
type = "read_write_ldap"
connection_password = "admin"
user_search_base = "ou=employees,dc=seller-delivery,dc=com"
group_search_base = "ou=groups,dc=seller-delivery,dc=com"
group_name_list_filter = "(objectClass=groupOfUniqueNames)"
group_name_search_filter = "(&(objectClass=groupOfUniqueNames)(cn=?))"
membership_attribute = "uniqueMember"
user_entry_object_class = "identityPerson"
group_entry_object_class = "groupOfUniqueNames"
group_name_attribute = "cn"
user_name_attribute = "uid"
user_name_search_filter = "(&(objectClass=person)(uid=?))"
user_name_list_filter = "(objectClass=person)"The MI dashboard should contain the following configuration
[mi_user_store]
username = "Delvon"
password = "Delvon123"Starting Micro Integrator and the Dashboard and Login
After starting the Dashboard and the MI afterwards, if all the configurations are correct, the dashboard logs should contain the following logs mentioning the MI server connected successfully to the dashboard.
[2024-01-24 10:49:42,936] INFO {HeartBeatDelegate} - New node node_1 in group : mi_dev is registered. Inserting heartbeat information
[2024-01-24 10:49:43,434] INFO {InMemoryDataManager} - Inserting heartbeat details of node node_1 in group mi_dev
[2024-01-24 10:49:43,435] INFO {MiArtifactsManager} - Fetching artifacts from node node_1 in group mi_dev
[2024-01-24 10:49:43,438] INFO {InMemoryDataManager} - Adding serverInfo of node node_1 in group mi_devThen when you login with a user with the admin role, you should be able to see the “global settings”.
And the non-admin users will see the below view without the “global settings”
I hope this brings you some insight on how to setup the MI dashboard with the ability to login with the LDAP users.