...
Info |
---|
By default, the embedded H2 database (JDBC) that is shipped with WSO2 products is configured as the primary user store, except for WSO2 Identity Server, which has an embedded LDAP as its primary user store. It is recommended to change this default configuration in the production system. Instead of using the embedded user store that comes with the product, you can set your own user store as the primary user store. |
Tip |
---|
Tip: You must disable the embedded user store that comes with the product. This ensures that it does not start up with the product. |
...
...
...
org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager
...
Use ReadOnlyLDAPUserStoreManager to do read-only operations for external LDAP user stores.
...
Use ReadWriteLDAPUserStoreManager for external LDAP user stores to do both read and write operations. This is the user store manager configuration that is uncommented in the user-mgt.xml file and is considered the default in the Identity Server.
...
org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager
...
Use ActiveDirectoryUserStoreManager to configure an Active Directory Domain Service (AD DS) or Active Directory Lightweight Directory Service (AD LDS). This can be used only for read/write operations. If you need to use AD as read-only, you must use org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager.
...
org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager
...
Use JDBCUserStoreManager for both internal and external JDBC user stores. This is the default user store manager configuration for all WSO2 products excluding WSO2 Identity Server.
The user-mgt.xml file already has sample configurations for all of the above user stores. To enable these configurations, you must uncomment them in the code and comment out the ones that you do not need.
...
Setting up the primary user store
The primary user store is configured in the <PRODUCT_HOME>/repository/conf/user-mgt.xml file within the <UserStoreManager> section.
...
Info |
---|
If you are using LDAPS (secure) to connect to the Active Directory, you need to import its public certificate to the client-truststore.jks of the WSO2 product you are configuring. |
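A check for the uncomment/comment-out step and the LDAPS note above, as an added example that is not part of the WSO2 documentation or product code. It reports which UserStoreManager elements are actually active in a user-mgt.xml and how any LDAP connection is made. The sample XML is constructed, and the ConnectionURL property name is an assumption that does not appear on this page.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the JDBC manager is commented out, one LDAP manager is active.
SAMPLE = """<UserManager><Realm>
  <!-- <UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager"/> -->
  <UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager">
    <Property name="ConnectionURL">ldap://ldap.example.test:389</Property>
  </UserStoreManager>
</Realm></UserManager>"""


def audit_user_mgt(xml_text):
    """Return (active_manager_classes, findings) for the text of a user-mgt.xml."""
    # The default parser discards XML comments, so only uncommented
    # <UserStoreManager> elements (the ones that are enabled) are seen.
    root = ET.fromstring(xml_text)
    active, findings = [], []
    for usm in root.iter("UserStoreManager"):
        cls = usm.get("class", "")
        active.append(cls)
        short = cls.rsplit(".", 1)[-1]
        for prop in usm.findall("Property"):
            # Assumption: ConnectionURL is the property that holds the LDAP URL.
            if prop.get("name") != "ConnectionURL":
                continue
            url = (prop.text or "").strip().lower()
            if url.startswith("ldaps://"):
                findings.append(
                    f"{short}: LDAPS in use; the directory's public certificate "
                    "must be imported into client-truststore.jks")
            elif url.startswith("ldap://"):
                findings.append(f"{short}: plaintext ldap:// URL, not LDAPS")
    # Samples that are not needed should be commented out, leaving one primary store.
    if len(active) != 1:
        findings.append(
            f"expected exactly one active UserStoreManager, found {len(active)}")
    return active, findings


if __name__ == "__main__":
    managers, notes = audit_user_mgt(SAMPLE)
    print("active:", managers)
    for note in notes:
        print("finding:", note)
```

To audit a real installation, pass the contents of <PRODUCT_HOME>/repository/conf/user-mgt.xml to audit_user_mgt instead of SAMPLE.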
Related Links
See Working with Properties of User Stores for a comprehensive understanding of the configuration details.