wso2身份服务器多重身份验证错误

问题描述:

我无法实施多因素身份验证.

I am unable to implement Multifactor Authentication .

我得到的错误是

TID: [0] [WSO2 Identity Server] [2012-10-30 10:31:38,620] ERROR     {org.wso2.carbon.identity.provider.xmpp.MPAuthenticationProvider} -  login failed. Trying     again.. {org.wso2.carbon.identity.provider.xmpp.MPAuthenticationProvider}
SASL authentication failed: 
    at org.jivesoftware.smack.SASLAuthentication.authenticate    (SASLAuthentication.java:209)
    at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:341)
    at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:301)

这是针对 wso2 身份服务器 3.2.3 的.直接开箱即用.没有执行额外的配置来运行这个 Identity Server 实例.

This is for wso2 Identity Server 3.2.3 . Straight out of the box. No additional configuration performed to run this instance of Identity Server.

似乎以 admin 身份登录,完成 ldap 身份验证,然后在出现错误时尝试使用 gtalk 进行身份验证.

It appears that signing in as admin , the ldap authentication is completed and then authentication with gtalk is attempted when the error occurs.

我应该在设置 gtalk 的 identity.xml 中设置自己的配置吗?

Should I be setting my own configuration in the identity.xml where gtalk is being set?

<MultifactorAuthentication>

    <XMPPSettings>

        <XMPPConfig>

            <XMPPProvider>gtalk</XMPPProvider>

            <XMPPServer>talk.google.com</XMPPServer>

            <XMPPPort>5222</XMPPPort>

            <XMPPExt>gmail.com</XMPPExt>

            <XMPPUserName>multifactor1@gmail.com</XMPPUserName>

            <XMPPPassword>wso2carbon</XMPPPassword>

        </XMPPConfig>

    </XMPPSettings>

</MultifactorAuthentication>

我发现我确实需要设置一个 Google Talk 帐户.

I found out that I do need to set up a Google talk account.

  1. 我将新设置添加到 MultifactorAuthentication 配置中.

  1. I added the new settings to the MultifactorAuthentication configuration.

我重新启动了服务器.

I restarted the server.

我使用另一个新的 Google Talk 帐户编辑​​了用户帐户.

I edited the user account with another new Google talk account.

我退出了.

通过使用 openid 的依赖方 URL 重新登录,

Logged back in via relyingparty URL with openid,

通过 gtalk 请求 pin 接收到通信.

received communication over gtalk requesting pin.

我输入了 PIN 码并登录了.

I entered the pin and got logged in.

如果 wso2 有他们的文档需要为此配置设置设置以使多因素身份验证开箱即用,那就太好了.

It would have been nice if wso2 had I their documentation the need to setup the settings for this configuration to get multifactor authentication to work out of the box.