Default JDBC User Store Configuration
The default JDBC user store reads from and writes to the internal database of the Carbon server. Internal JDBC user stores are configured in the JDBCUserStoreManager section of the <PRODUCT_HOME>/repository/conf/user-mgt.xml file.
The default configuration is shown below. Change the values according to your requirements.
```xml
<UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager">
    <Property name="TenantManager">org.wso2.carbon.user.core.tenant.JDBCTenantManager</Property>
    <Property name="ReadOnly">false</Property>
    <Property name="MaxUserNameListLength">100</Property>
    <Property name="IsEmailUserName">false</Property>
    <Property name="DomainCalculation">default</Property>
    <Property name="PasswordDigest">SHA-256</Property>
    <Property name="StoreSaltedPassword">true</Property>
    <Property name="UserNameUniqueAcrossTenants">false</Property>
    <Property name="PasswordJavaRegEx">[\S]{5,30}$</Property>
    <Property name="PasswordJavaScriptRegEx">[\\S]{5,30}</Property>
    <Property name="UsernameJavaRegEx">^[^~!#$;%^*+={}\\|\\\\&lt;&gt;,\'\"]{3,30}$</Property>
    <Property name="UsernameJavaScriptRegEx">[\\S]{3,30}</Property>
    <Property name="RolenameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\&lt;&gt;,\'\"]{3,30}$</Property>
    <Property name="RolenameJavaScriptRegEx">[\\S]{3,30}</Property>
    <Property name="UserRolesCacheEnabled">true</Property>
</UserStoreManager>
```
The main elements of the above configuration are described below.
Property Name | Description |
---|---|
TenantManager | Includes the location of the tenant manager. |
ReadOnly | Indicates whether the user store of this realm operates in read-only mode. |
MaxUserNameListLength | Maximum number of users retrieved at once by the user realm. |
IsEmailUserName | Indicates whether the email address is used as the user name (applies when the realm operates in read-only mode). |
DomainCalculation | Can be either default or custom (applies when the realm operates in read-only mode). |
PasswordDigest | Digest algorithm applied to the password. Accepts values such as PLAIN_TEXT, SHA, etc. |
StoreSaltedPassword | Indicates whether to salt the password. |
UserNameUniqueAcrossTenants | An attribute used for multi-tenancy. |
PasswordJavaRegEx | A regular expression to validate passwords. By default, strings of 5 to 30 non-empty characters are allowed. |
PasswordJavaScriptRegEx | The regular expression used by the front-end components for password validation. |
UsernameJavaRegEx | A regular expression to validate usernames. By default, strings of 5 to 30 non-empty characters are allowed. |
UsernameJavaScriptRegEx | The regular expression used by the front-end components for username validation. |
RolenameJavaRegEx | A regular expression to validate role names. By default, strings of 5 to 30 non-empty characters are allowed. |
RolenameJavaScriptRegEx | The regular expression used by the front-end components for role name validation. |
UserRolesCacheEnabled | Indicates whether to cache the role list of a user. The default is 'true'. Set it to 'false' if user roles are changed by external means and those changes should be reflected immediately in the Carbon instance. |
In addition to the above properties, also set the following in the <PRODUCT_HOME>/repository/conf/user-mgt.xml file.
The MultiTenantRealmConfigBuilder property should be set to org.wso2.carbon.user.core.config.multitenancy.SimpleRealmConfigBuilder. For example:

```xml
<Property name="MultiTenantRealmConfigBuilder">org.wso2.carbon.user.core.config.multitenancy.SimpleRealmConfigBuilder</Property>
```

This property is described in section Realm Configuration.
Add a property named passwordHashMethod to the default JDBCUserStoreManager configuration shown above and set its value to SHA or PLAIN_TEXT. For example:

```xml
<UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager">
    ...
    <Property name="passwordHashMethod">SHA</Property>
    ...
</UserStoreManager>
```

Go to the <PRODUCT_HOME>/repository/conf/tenant-mgt.xml file, comment out the CommonHybridLDAPTenantManager, which is used by default, and uncomment JDBCTenantManager. For example:

```xml
<TenantManager class="org.wso2.carbon.user.core.tenant.JDBCTenantManager"></TenantManager>
```
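
The password-related properties above (PasswordDigest, passwordHashMethod, StoreSaltedPassword and the two password regular expressions) can be checked before deployment. The script below is an added example, not part of the original page or of WSO2's code; the sample XML is constructed, and the weak-digest list and the 8-character minimum are assumed policy values.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: a JDBCUserStoreManager block in the page's format with
# the digest and salting settings weakened to show what the audit reports.
SAMPLE = r"""<UserManager><Realm>
<UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager">
  <Property name="PasswordDigest">PLAIN_TEXT</Property>
  <Property name="StoreSaltedPassword">false</Property>
  <Property name="PasswordJavaRegEx">[\S]{5,30}$</Property>
  <Property name="PasswordJavaScriptRegEx">[\\S]{8,30}</Property>
</UserStoreManager>
</Realm></UserManager>"""

# Assumed policy. "SHA" is the Java MessageDigest alias for SHA-1.
WEAK_DIGESTS = {"PLAIN_TEXT", "SHA", "SHA-1", "SHA1", "MD5"}
MIN_PASSWORD_LEN = 8  # assumed threshold, not a WSO2 default

def length_bounds(regex):
    """Return (min, max) from the last {m,n} quantifier, or None if absent."""
    found = re.findall(r"\{(\d+),(\d+)\}", regex or "")
    return tuple(map(int, found[-1])) if found else None

def audit_user_store(xml_text):
    """Return a list of findings for every JDBCUserStoreManager in xml_text."""
    findings = []
    for store in ET.fromstring(xml_text).iter("UserStoreManager"):
        if not store.get("class", "").endswith("JDBCUserStoreManager"):
            continue
        props = {p.get("name"): (p.text or "").strip() for p in store.iter("Property")}
        for key in ("PasswordDigest", "passwordHashMethod"):
            value = props.get(key)
            if value and value.upper() in WEAK_DIGESTS:
                findings.append(f"{key}={value}: weak or no password digest")
        if props.get("StoreSaltedPassword", "").lower() != "true":
            findings.append("StoreSaltedPassword is not set to true")
        java = length_bounds(props.get("PasswordJavaRegEx"))
        js = length_bounds(props.get("PasswordJavaScriptRegEx"))
        if java and java[0] < MIN_PASSWORD_LEN:
            findings.append(f"PasswordJavaRegEx allows {java[0]}-character passwords")
        if java and js and java != js:  # front-end check differs from server check
            findings.append(f"server regex bounds {java} differ from front-end {js}")
    return findings

if __name__ == "__main__":
    for finding in audit_user_store(SAMPLE):
        print("FINDING:", finding)
```

To audit a real deployment, pass the contents of <PRODUCT_HOME>/repository/conf/user-mgt.xml to audit_user_store.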