This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

The default JDBC user store reads/writes into the internal database of the Carbon server. Internal JDBC user stores can be configured using <PRODUCT_HOME>/repository/conf/user-mgt.xml file's JDBCUserStoreManager configuration section.

The default configuration is shown below. Change the values according to your requirements. 

<UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager">
	 <Property name="TenantManager">org.wso2.carbon.user.core.tenant.JDBCTenantManager</Property>
	 <Property name="ReadOnly">false</Property>
	 <Property name="MaxUserNameListLength">100</Property>
	 <Property name="IsEmailUserName">false</Property>
	 <Property name="DomainCalculation">default</Property>
     <Property name="PasswordDigest">SHA-256</Property>
	 <Property name="StoreSaltedPassword">true</Property>
	 <Property name="UserNameUniqueAcrossTenants">false</Property>
	 <Property name="PasswordJavaRegEx">[\S]{5,30}$</Property>
	 <Property name="PasswordJavaScriptRegEx">[\\S]{5,30}</Property>
	 <Property name="UsernameJavaRegEx">^[^~!#$;%^*+={}\\|\\\\&lt;&gt;,\'\"]{3,30}$</Property>
	 <Property name="UsernameJavaScriptRegEx">[\\S]{3,30}</Property>
	 <Property name="RolenameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\&lt;&gt;,\'\"]{3,30}$</Property>
	 <Property name="RolenameJavaScriptRegEx">[\\S]{3,30}</Property>
	 <Property name="UserRolesCacheEnabled">true</Property>
</UserStoreManager>

The main elements of the above configuration are described below.

Property Name

Description

Tenant ManagerIncludes the location of the tenant manager.

ReadOnly

Indicates whether the user store of this realm operates in the user read only mode or not.

MaxUserNameListLength

Maximum number of users retrieved at once by user real.

IsEmailUserName

Indicates whether Email is used as user name (apply when realm operates in read only mode).

DomainCalculation

Can be either default or custom (apply when realm operates in read only mode).

PasswordDigest

Digesting algorithm of the password. Has values such as PLAIN_TEXT, SHA etc.

StoreSaltedPassword

Indicates whether to salt the password.

UserNameUniqueAcrossTenants

An attribute used for multi-tenancy.

PasswordJavaRegEx

A regular expression to validate passwords. By default, strings having length 5 to 30 non-empty characters are allowed.

PasswordJavaScriptRegEx

The regular expression used by the font-end components for password validation.

UsernameJavaRegEx

A regular expression to validate usernames. By default, strings having length 5 to 30 non-empty characters are allowed.
UsernameJavaScriptRegExThe regular expression used by the font-end components for username validation.

RolenameJavaRegEx

A regular expression to validate rolenames. By default, strings having length 5 to 30 non-empty characters are allowed.

RolenameJavaScriptRegEx

The regular expression used by the font-end components for rolename validation.

UserRolesCacheEnabled

This is to indicate whether to cache the role list of a user. By default it is 'true'. Set it to 'falese' if user-roles are changed by external means and those changes should be instantly reflected in the carbon instance.

In addition to the above properties, set the following also in <PRODUCT_HOME>/repository/conf/user-mgt.xml file.

  1. 'MultiTenantRealmConfigBuilder' property should be set to 'org.wso2.carbon.user.core.config.multitenancy.SimpleRealmConfigBuilder'. For example:

    <Property name="MultiTenantRealmConfigBuilder">org.wso2.carbon.user.core.config.multitenancy.SimpleRealmConfigBuilder</Property> 

    This property is described in section Realm Configuration.

  2. Add a property by the name 'passwordHashMethod' to 'JDBCUserStoreManager' default configuration shown above and set the value to 'SHA' or 'PLAIN_TEXT'. For example: 

    <UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager">
    ...
        <Property name="passwordHashMethod">SHA</Property>
    ...
    </UserStoreManager>
  3. Go to $PRODUCT_HOME/repository/conf/tenant-mgt.xml file and comment out the 'CommonHybridLDAPTenantManager', which is used by default and uncomment JDBCTenantManager. For example: 

    <TenantManager class="org.wso2.carbon.user.core.tenant.JDBCTenantManager"></TenantManager>
  • No labels