User management functionality is provided by default in all WSO2 Carbon-based products and is configured in the user-mgt.xml file xml file found in the <PRODUCT_HOME>/repository/conf/ directory. This documentation explains how to set up a repository for storing authorization information (role-based permissions) and how to change the relevant configurations.
According to the default configuration in WSO2 products, the Users, Roles and Permissions are stored in the same repository (i.e., the default, embedded H2 database). However, you can change this configuration in such a way that the Users and Roles are stored in one repository (User Store) and the Permissions are stored in a separate repository. A user store can be a typical RDBMS, an LDAP or an external Active Directory. For information on how the repositories for storing information about users and roles are configured, see Configuring User Stores.
The repository that stores Permissions should always be an RDBMS. The Authorization Manager configuration in the user-mgt.xml file (stored in the <PRODUCT_HOME>/repository/conf/ directory) connects the system to this RDBMS.
...
Property Name | Description | Mandatory/Optional |
|---|---|---|
dataSource | This is the jndi name of the datasource should be used to refer the datasource that is used for referring to the datasource. In the following example, the jndi name of the default datasource defined in the | Mandatory |
isCascadeDeleteEnabled | This property is set to 'true' by default, which enables cascade delete for the UM_USER_PERMISSION and UM_ROLE_PERMISSION tables when a permission gets deleted from the UM_PERMISSION table. That is, if a record in the parent table is deleted the corresponding records in the child table will be automatically deleted. | Mandatory |
...