You can also connect an external user store (database) with WSO2 ESB. Such external stores are configured through the user-mgt.xml
file which can be found in the "repository/conf
directory. Settings required to connect an LDAP based user store or an Active Directory based user store are provided in the default user-mgt.xml
file. Simply uncomment the relevant entries in the file and update the required parameters.
Note
The ESB can have only one user store at any given moment. Hence when you want to connect to a different user store you also need to comment out the default user store settings (LDAP user store manager) in the user-mgt.xml
file.
Configuration settings for the LDAP based user store looks as follows.
<UserStoreManager> <Property name="ReadOnly">false</Property> <Property name="ConnectionURL">ldap://localhost:${Ports.EmbeddedLDAP.LDAPServerPort}</Property> <Property name="ConnectionName">uid=admin,ou=system</Property> <Property name="ConnectionPassword">admin</Property> <Property name="passwordHashMethod">SHA</Property> <Property name="UserNameListFilter">(objectClass=person)</Property> <Property name="UserEntryObjectClass">wso2Person</Property> <Property name="UserSearchBase">ou=Users,dc=wso2,dc=org</Property> <Property name="UserNameSearchFilter">(&(objectClass=person)(uid=?))</Property> <Property name="UserNameAttribute">uid</Property> <Property name="PasswordJavaScriptRegEx">[\\S]{5,30}</Property> <Property name="UsernameJavaScriptRegEx">[\\S]{3,30}</Property> <Property name="UsernameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\<>]{3,30}$</Property> <Property name="RolenameJavaScriptRegEx">[\\S]{3,30}</Property> <Property name="RolenameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\<>]{3,30}$</Property> <Property name="ReadLDAPGroups">true</Property> <Property name="WriteLDAPGroups">true</Property> <Property name="EmptyRolesAllowed">true</Property> <Property name="GroupSearchBase">ou=Groups,dc=wso2,dc=org</Property> <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property> <Property name="GroupEntryObjectClass">groupOfNames</Property> <Property name="GroupNameSearchFilter">(&(objectClass=groupOfNames)(cn=?))</Property> <Property name="GroupNameAttribute">cn</Property> <Property name="MembershipAttribute">member</Property> </UserStoreManager>
For more information , please, see Users, Roles and Permissions.