WSO2 Carbon's default configuration has a single user store. If required, it can be configured to connect to multiple user stores as well, so that users in any of the configured user stores are able to log in and perform operations depending on their roles/permissions. In addition, users are able to configure their own user stores out-of-the-box. This section explains how to set up multiple user stores in WSO2 products.
Before you begin:
If you are setting up a database other than the default H2 that comes with the product to store user information, select the script relevant to your database type from the <PRODUCT_HOME>/dbscripts folder and run it on your database. It creates the necessary tables.
Configuring multiple user stores via the UI
- Log in to the WSO2 Carbon management console.
On the Configure menu, click User Store Management under Configure.
When there are no multiple user stores defined, the default view is as follows:You cannot update the PRIMARY user store at run time, so it is not visible in this view.
- Click Add Secondary User Store.
- Select the required implementation of user store manager from the drop-down menu. The displayed property list will vary, based on the selected user store manager implementation.
- By default, all the WSO2 products are shipped with four user store manager implementations, which are as follows:
- ReadWriteLDAPUserStoreManager
- ReadOnlyLDAPUserStoreManager
- ActiveDirectoryUserStoreManager
- JDBCUserStoreManager
- Additionally, if you want other custom user store manager implementations to be available, it is also possible. A sample custom user store manager can be found in the repository. When it is added to the server, it also appears in this drop-down menu.
- By default, all the WSO2 products are shipped with four user store manager implementations, which are as follows:
Enter a unique domain name and fill in the other data to define the user store. For details on each property, see the respective property description that is provided.
The domain name should not include the '_' (underscore) character.
Click Add .
If all the mandatory parameters are filled and a valid domain name is provided, the following notification displays. At this moment, WSO2 Carbon is attempting to add the new user store to the available chain of user stores.This is added to the very end of the chain of user stores.
The above message does not imply that the user store is added successfully. This can be checked in the following step.
- Refresh the page. If the new user store has been successfully added, it will appear in the table.
Now we have a newly defined secondary user store in action. You can also edit the properties of the defined secondary user stores and enable/disable them in a dynamic manner.
Configuring multiple user stores manually
By default, the configuration of the primary user store is saved in the user-mgt.xml file. When you create a secondary user store, its configuration is saved to an XML file with the same name as the domain you specified. If desired, you can create this XML file manually and save it as follows:
- If it is the configuration of a super tenant, the secondary user store definitions should go into the <
PRODUCT_HOME>/repository/deployment/server/userstores/directory. - If it is a general tenant, the configuration should go into the <
CARBON_HOME>/repository/tenants/<tenantid>/userstoresdirectory. - The secondary user store configuration file should have the same name as the domain with an underscore (_) in place of the period. For example, if the domain is
wso2.com, name the file as follows:wso2_com.xml - One file only contains the definition for one user store domain.
- If it is the configuration of a super tenant, the secondary user store definitions should go into the <