Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Instead of using the embedded user storedatabase, you can set your own user store as the up a separate repository and configure it as your primary user store. Since the user store you want to connect to might have different schemas from the ones available in the embedded user store, it needs to go through an adaptation process. WSO2 products provide the following adapters, for connecting to LDAP, Active Directory and JDBC. Thereby, these adapters enable you to authenticate users from different types of user stores and plug into LDAP, Active Directory, and JDBC to perform authentication:.

User store manager classDescription
org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager

Use ReadOnlyLDAPUserStoreManager to do read-only operations for external LDAP user stores.

org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager

Use ReadWriteLDAPUserStoreManager for external LDAP user stores to do both read and write operations. This is the user store configuration which is uncommented in the code in the user-mgt.xml file for WSO2 Identity Server.

org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager

Use ActiveDirectoryUserStoreManager to configure an Active Directory Domain Service (AD DS) or Active Directory Lightweight Directory Service (AD LDS). This can be used only for read/write operations. If you need to use AD as read-only you must use org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager.

org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager

Use JDBCUserStoreManager for both internal and external JDBC user stores.

The user-mgt.xml file already has sample configurations for all of the above user stores. To enable the required user store configuration, you must uncomment them in the code and comment out the ones that you do not need as explained belowin the following topics.