Internal JDBC User Store Configuration
The internal JDBC user store reads/writes into the default database of the carbon server.
<UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager"> <Property name="ReadOnly">false</Property> <Property name="MaxUserNameListLength">100</Property> <Property name="IsEmailUserName">false</Property> <Property name="DomainCalculation">default</Property> Â <Property name="PasswordDigest">SHA-256</Property> <Property name="StoreSaltedPassword">true</Property> <Property name="UserNameUniqueAcrossTenants">false</Property> <Property name="PasswordJavaRegEx">[\S]{5,30}$</Property> <Property name="PasswordJavaScriptRegEx">[\\S]{5,30}</Property> <Property name="UsernameJavaRegEx">^[^~!#$;%^*+={}\\|\\\\<>,\'\"]{3,30}$</Property> <Property name="UsernameJavaScriptRegEx">[\\S]{3,30}</Property> <Property name="RolenameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\<>,\'\"]{3,30}$</Property> <Property name="RolenameJavaScriptRegEx">[\\S]{3,30}</Property> <Property name="UserRolesCacheEnabled">true</Property> </UserStoreManager>
The configuration given above can be described as follows:
Property Name | Description |
---|---|
ReadOnly | Indicates whether the user store of this realm operates in the user read only mode or not. |
MaxUserNameListLength | Maximum number of users retrieved at once by user real. |
IsEmailUserName | Indicates whether Email is used as user name (apply when realm operates in read only mode). |
DomainCalculation | Can be either default or custom (apply when realm operates in read only mode). |
PasswordDigest | Digesting algorithm of the password. Has values such as PLAIN_TEXT, SHA etc. |
StoreSaltedPassword | Indicates whether to salt the password. |
UserNameUniqueAcrossTenants | An attribute used for multi-tenancy. |
PasswordJavaRegEx | A regular expression to validate passwords. By default, strings having length 5 to 30 non-empty characters are allowed. |
PasswordJavaScriptRegEx | The regular expression used by the font-end components for password validation. |
UsernameJavaRegEx | A regular expression to validate usernames. By default, strings having length 5 to 30 non-empty characters are allowed. |
UsernameJavaScriptRegEx | The regular expression used by the font-end components for username validation. |
RolenameJavaRegEx | A regular expression to validate rolenames. By default, strings having length 5 to 30 non-empty characters are allowed. |
RolenameJavaScriptRegEx | The regular expression used by the font-end components for rolename validation. |
UserRolesCacheEnabled | This is to indicate whether to cache the role list of a user. By default it is 'true'. Set it to 'falese' if user-roles are changed by external means and those changes should be instantly reflected in the carbon instance. |