Unknown macro: {next_previous_links}
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Before you begin, note the following:

  • Only system administrators can add, modify and remove users and roles. To set up administrators, see Realm Configuration
  • Your product has a primary user store where the users/roles that you create using the management console are stored by default. It's default RegEx configurations are as follows. RegEx configurations ensure that parameters like the length of a user name/password meet the requirements of the user store.

    PasswordJavaRegEx-------- ^[\S]{5,30}$
    PasswordJavaScriptRegEx-- ^[\S]{5,30}$
    UsernameJavaRegEx-------- ^~!#$;%*+={}\\{3,30}$
    UsernameJavaScriptRegEx-- ^[\S]{3,30}$
    RolenameJavaRegEx-------- ^~!#$;%*+={}\\{3,30}$
    RolenameJavaScriptRegEx-- ^[\S]{3,30}$

    When creating users/roles, if you enter a username, password etc. that does not conform to the RegEx configurations, the system throws an exception. You can either change the RegEx configuration or enter values that conform to the RegEx. If you change the default user store or set up a secondary user store, configure the RegEx accordingly under the user store manager configurations in <BAM_HOME>/repository/conf/user-mgt.xml file. 

Go to the relevant topic listed below for details:

Adding a new user and assigning roles

Follow the instructions below to add a new user account and configure its role.

  1. Log on to the product's Management Console. In the Configure  menu, click Users and Roles. Users and roles
  2. Click Users from the User Management page that opens.

    The User link is only visible to users with   Administrator   permission.

  3. Click  Add New User.
  4. The   Add User   page opens. Enter the user name and password. The Domain drop-down list contains all user stores configured for this product instance. By default, you only have the PRIMARY user store. To configure secondary user stores, see Configuring Secondary User Stores.
  5. If you want to add a user with the default   Everyone   role, click   Finish now .   Else, click   Next   to define a user role other than the default .
  6. If you proceed to the next step, select the roles to be assigned to the user and Finish
  7. The new user appears on the  Users   list. WSO2 user management
  8. You can change the user's password, roles or delete using the links associated with it. 

    You cannot change the user name of an existing user.

Importing users

In addition to manually adding individual users, you can import multiple users in bulk if you have exported them to a comma-separated values (.csv) file or Microsoft Excel (.xls) file.

This is only supported if you have configured your user store as JDBCUserStoreManager. See here for information on how to do this.

  1. On the Users screen, click Bulk Import Users.
  2. Browse and select the file that contains the user data. 
  3. Specify a default password to assign to all the users you are importing and click Finish. This password is valid for only 24 hours, so you should inform your users that they must log in and change their password within 24 hours.

Adding a user role

Roles contain permissions for users to manage the Server. You can create different roles with various combinations of permissions and assign them to a user or a group of users. Through the management console, you can also edit and delete an existing user role.

Follow the instructions below to add a user role.

  1. Log on to the product's Management Console. In the Configure menu, click  Users and Roles.
  2. Click Roles from the User Management page that opens.

  3. C lick on Add New Role.
  4. Enter the name for the role and click  Next.  The Domain drop-down list contains all user stores configured for this product instance. By default, you only have the PRIMARY user store. To configure secondary user stores, see Configuring Secondary User Stores.

    You can also click  Finish,  in which case, the new role will be created with default permissions (none) and no assigned users.
  5. If you proceed, select permissions for the new role and click Next.
  6. Select the users to be assigned to the role. You can conduct a search by name, or view all users by entering "*" into the search field.
  7. Click Finish.
  8. The new role appears under roles. Using the links  associated  with it, you can rename, edit permissions, users and delete the role.

When adding roles to external user stores

    • Some external user stores do not allow you to create empty roles. In that case, selecting users who belong to a role is mandatory.
    • If you connect to an external user store in read only mode, you can read existing roles from it but you can not edit/delete the roles. In this case, you can still create new roles which are editable and can be managed internally.
    • If you connect to an external user store in read/write mode, you can edit the roles in the external user store as well.

Changing the current user's password

Follow the instructions below to change the password of the user currently logged in.

  1. Log on to the product's Management Console. In the Configure menu, click Users and Roles. 
  2. The User Management page opens. Click on the Change My Password.

  3. The Change Password page appears. Populate the required fields and click Change.  

    If a user has forgotten the current password, they need to contact the administrator who can reset it without the current password.

Deleting an existing user 

 Follow the instructions below to delete a user.

Deleting a user cannot be undone.

  1. On the Configure tab in the management console, click Users and Roles.  
  2. Click Users. This link is only visible to users with the Admin role. 
  3. In the Users list, click Delete next to the user you want to delete, and then click Yes to confirm the operation.
  • No labels