This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
Default JDBC User Store Configuration
The default JDBC user store reads/writes into the internal database of the Carbon server. Internal JDBC user stores can be configured using <PRODUCT_HOME>/repository/conf/user-mgt.xml
file's JDBCUserStoreManager configuration section.
The default configuration is shown below. Change the values according to your requirements.
<UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager"> <Property name="TenantManager">org.wso2.carbon.user.core.tenant.JDBCTenantManager</Property> <Property name="ReadOnly">false</Property> <Property name="MaxUserNameListLength">100</Property> <Property name="IsEmailUserName">false</Property> <Property name="DomainCalculation">default</Property> <Property name="PasswordDigest">SHA-256</Property> <Property name="StoreSaltedPassword">true</Property> <Property name="UserNameUniqueAcrossTenants">false</Property> <Property name="PasswordJavaRegEx">[\S]{5,30}$</Property> <Property name="PasswordJavaScriptRegEx">[\\S]{5,30}</Property> <Property name="UsernameJavaRegEx">^[^~!#$;%^*+={}\\|\\\\<>,\'\"]{3,30}$</Property> <Property name="UsernameJavaScriptRegEx">[\\S]{3,30}</Property> <Property name="RolenameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\<>,\'\"]{3,30}$</Property> <Property name="RolenameJavaScriptRegEx">[\\S]{3,30}</Property> <Property name="UserRolesCacheEnabled">true</Property> </UserStoreManager>
The main elements of the above configuration are described below.
Property Name | Description |
---|---|
Tenant Manager | Includes the location of the tenant manager. |
ReadOnly | Indicates whether the user store of this realm operates in the user read only mode or not. |
MaxUserNameListLength | Maximum number of users retrieved at once by user real. |
IsEmailUserName | Indicates whether Email is used as user name (apply when realm operates in read only mode). |
DomainCalculation | Can be either default or custom (apply when realm operates in read only mode). |
PasswordDigest | Digesting algorithm of the password. Has values such as PLAIN_TEXT, SHA etc. |
StoreSaltedPassword | Indicates whether to salt the password. |
UserNameUniqueAcrossTenants | An attribute used for multi-tenancy. |
PasswordJavaRegEx | A regular expression to validate passwords. By default, strings having length 5 to 30 non-empty characters are allowed. |
PasswordJavaScriptRegEx | The regular expression used by the font-end components for password validation. |
UsernameJavaRegEx | A regular expression to validate usernames. By default, strings having length 5 to 30 non-empty characters are allowed. |
UsernameJavaScriptRegEx | The regular expression used by the font-end components for username validation. |
RolenameJavaRegEx | A regular expression to validate rolenames. By default, strings having length 5 to 30 non-empty characters are allowed. |
RolenameJavaScriptRegEx | The regular expression used by the font-end components for rolename validation. |
UserRolesCacheEnabled | This is to indicate whether to cache the role list of a user. By default it is 'true'. Set it to 'falese' if user-roles are changed by external means and those changes should be instantly reflected in the carbon instance. |
In addition to the above properties, set the following also in <PRODUCT_HOME>/repository/conf/user-mgt.xml
file.
'MultiTenantRealmConfigBuilder' property should be set to '
org.wso2.carbon.user.core.config.multitenancy.SimpleRealmConfigBuilder
'. For example:<Property name="MultiTenantRealmConfigBuilder">org.wso2.carbon.user.core.config.multitenancy.SimpleRealmConfigBuilder</Property>
This property is described in section Realm Configuration.
Add a property by the name 'passwordHashMethod' to 'JDBCUserStoreManager' default configuration shown above and set the value to 'SHA' or 'PLAIN_TEXT'. For example:
<UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager"> ... <Property name="passwordHashMethod">SHA</Property> ... </UserStoreManager>
Go to
$PRODUCT_HOME/repository/conf/tenant-mgt.xml
file and comment out the 'CommonHybridLDAPTenantManager', which is used by default and uncomment JDBCTenantManager. For example:<TenantManager class="org.wso2.carbon.user.core.tenant.JDBCTenantManager"></TenantManager>