Versions Compared

Old Version 3

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info
titleBefore you begin

The following items are things to note before you begin.

  • Only system administrators can add, modify and remove users and roles. To set up administrators, see Configuring the System Administrator

  • Your product has a primary user store where the users/roles that you create using the management console are stored by default. It's default RegEx configurations are as follows. RegEx configurations ensure that parameters like the length of a user name/password meet the requirements of the user store. See Working with Properties of User Stores Configuring the Primary User Store for more information of these properties.

    Code Block
    PasswordJavaRegEx------------ ^[\S]{5,30}$
PasswordJavaScriptRegEx-----  ^[\S]{5,30}$
UsernameJavaRegEx----------- ^~!#$;%*+={}\\- [a-zA-Z0-9._-|//]{3,30}$
UsernameJavaScriptRegEx-----  ^[\S]{3,30}$
RolenameJavaRegEx--------- ^~!#$;%*+={}\\{---  [a-zA-Z0-9._-|//]{3,30}$
RolenameJavaScriptRegEx-----  ^[\S]{3,30}$

    When creating users/roles, if you enter a username, password etc. that does not conform to the RegEx configurations, the system throws an exception. You can either change the RegEx configuration or enter values that conform to the RegEx. If you change the default user store or set up a secondary user store, configure the RegEx accordingly under the user store manager configurations in <IS_HOME>/repository/conf/user-mgt.xml file.

  • The permission model of WSO2 Identity Server is hierarchical. Permissions can be assigned to a role in a fine-grained or a coarse-grained manner.

    Info

    Coarse-grained permissions define large sub components subcomponents such as 'Application Management' or 'Claim Management'. Using coarse-grained permissions you can assign permissions to roles based on these large sub componentssubcomponents.

    Fine-grained permissions control access to smaller sub components subcomponents or sub tasks subtasks of the component such as 'create application', 'delete application' etc.

    WSO2 Carbon maintains roles and permissions in the Carbon database, but it can also read users/roles from the configured User Store.

...