This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Using External User Stores

You can also connect an external user store (database or LDAP) to WSO2 Gadget Server. External stores are configured in the user-mgt.xml file, which is located in the <GS_HOME>/repository/conf directory. The settings required to connect to different user stores (an external LDAP-based user store, an internal JDBC user store, etc.) are already provided in the default user-mgt.xml file. You simply un-comment the relevant entries in the file and update the required parameters.

Note

The Gadget Server can have only one user store at any given moment. Therefore, when you want to connect to a different user store, you need to comment out the default user store settings (LDAP user store manager) in the user-mgt.xml file and un-comment the required user store settings.

The configuration settings for the default LDAP-based user store are given below.

<!-- Following is the default user store manager. This user store manager is based on embedded-apacheds LDAP.
     It reads/writes users and roles into the default apacheds LDAP user store.
     Descriptions about each of the following properties can be found in user management documentation of the respective product.
     Note: Do not comment within UserStoreManager tags. Cause, specific tag names are used as tokens when building configurations for products. -->
    
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ApacheDSUserStoreManager">
     <Property name="ReadOnly">false</Property>
     <Property name="ConnectionURL">ldap://localhost:${Ports.EmbeddedLDAP.LDAPServerPort}</Property>
     <Property name="ConnectionName">uid=admin,ou=system</Property>
     <Property name="ConnectionPassword">admin</Property>
     <Property name="passwordHashMethod">SHA</Property>
     <Property name="UserNameListFilter">(objectClass=person)</Property>
     <Property name="UserEntryObjectClass">wso2Person</Property>
     <Property name="UserSearchBase">ou=Users,dc=wso2,dc=org</Property>
     <Property name="UserNameSearchFilter">(&amp;(objectClass=person)(uid=?))</Property>
     <Property name="UserNameAttribute">uid</Property>
     <Property name="PasswordJavaScriptRegEx">[\\S]{5,30}</Property>
     <Property name="UsernameJavaScriptRegEx">[\\S]{3,30}</Property>
     <Property name="UsernameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\&lt;&gt;]{3,30}$</Property>
     <Property name="RolenameJavaScriptRegEx">[\\S]{3,30}</Property>
     <Property name="RolenameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\&lt;&gt;]{3,30}$</Property>
     <Property name="ReadLDAPGroups">true</Property>
     <Property name="WriteLDAPGroups">true</Property>
     <Property name="EmptyRolesAllowed">true</Property>
     <Property name="GroupSearchBase">ou=Groups,dc=wso2,dc=org</Property>
     <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
     <Property name="GroupEntryObjectClass">groupOfNames</Property>
     <Property name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
     <Property name="GroupNameAttribute">cn</Property>
     <Property name="MembershipAttribute">member</Property>
</UserStoreManager>
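
The values in the block above are shipped defaults for the embedded LDAP, and several of them should not carry over when the file is edited to point at an external store. As an added example (not WSO2 code), the following Python check parses a user-mgt.xml and flags more than one active UserStoreManager, the default ConnectionPassword, an ldap:// bind to a non-local host, and a fast-digest passwordHashMethod. The sample input is constructed from the block above; the <UserManager><Realm> wrapper and the MD5 and PLAIN_TEXT values are assumptions not shown on this page.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed copy of the default block shown above. The
# <UserManager><Realm> wrapper is an assumption about the rest of the file.
SAMPLE = """<UserManager><Realm>
<!-- <UserStoreManager class="commented.out.Store"/> -->
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ApacheDSUserStoreManager">
  <Property name="ConnectionURL">ldap://localhost:${Ports.EmbeddedLDAP.LDAPServerPort}</Property>
  <Property name="ConnectionName">uid=admin,ou=system</Property>
  <Property name="ConnectionPassword">admin</Property>
  <Property name="passwordHashMethod">SHA</Property>
</UserStoreManager>
</Realm></UserManager>"""

LOOPBACK = {"localhost", "127.0.0.1"}
# Plain digests or no hashing at all; MD5 and PLAIN_TEXT are assumed values.
FAST_DIGESTS = {"SHA", "MD5", "PLAIN_TEXT"}


def audit(xml_text):
    """Return a list of finding strings for the active user store settings."""
    root = ET.fromstring(xml_text)  # commented-out blocks are dropped by the parser
    stores = list(root.iter("UserStoreManager"))
    findings = []
    if len(stores) != 1:
        findings.append(f"expected exactly 1 active UserStoreManager, found {len(stores)}")
    for store in stores:
        props = {p.get("name"): (p.text or "").strip() for p in store.findall("Property")}
        url = props.get("ConnectionURL", "")
        # Take the host by hand: the ${...} port placeholder is not a valid port.
        host = url.split("://", 1)[-1].split("/", 1)[0].split(":", 1)[0]
        if url.startswith("ldap://") and host not in LOOPBACK:
            findings.append(f"bind to {host} uses ldap:// (unencrypted)")
        if props.get("ConnectionPassword") == "admin":
            findings.append("ConnectionPassword is the shipped default 'admin'")
        if props.get("passwordHashMethod", "").upper() in FAST_DIGESTS:
            findings.append(f"passwordHashMethod={props['passwordHashMethod']} is weak for password storage")
    return findings


if __name__ == "__main__":
    for line in audit(SAMPLE):
        print("FINDING:", line)
```
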