Configuring the Primary User Store¶
This documentation explains the process of setting up a primary user store for your system.
User management functionality is provided by default in all WSO2 Carbon-based products and is configured in the deployment.toml
file found in the <PRODUCT_HOME>/repository/conf/
directory and the changes will be automatically applied to user-mgt.xml
file in <PRODUCT_HOME>/repository/conf/
directory as well. This file is shipped with user store manager configurations for all possible user store types (JDBC, read-only LDAP/Active Directory, read-write LDAP and read-write Active directory). The instructions given below explains how to configure a primary user store for the WSO2 server.
The Default User Store
The primary user store in of WSO2 products is configured by default as a JDBC user store in the user-mgt.xml file, which reads/writes into the internal database of the product server. This internal database is typically H2 by default. This database is used by both the Authorization Manager (for managing user authentication data) and the User Store Manager (for defining users and roles).
Please note that the RDBMS used in the default configuration can remain as the database used for storing Authorization information.
Instead of using the embedded database, you can set up a separate repository and configure it as your primary user store. Since the user store you want to connect to might have different schemas from the ones available in the embedded user store, it needs to go through an adaptation process. We do the necessary adaptations depending on the user store type. We support the following primary user store types.
User store type | User store manager class | Description |
---|---|---|
read_only_ldap | org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager |
Use |
read_write_ldap | org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager |
Use |
active_directory | org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager |
Use |
database | org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager |
Use |
This can be defined in the [user_store]
section of the <APIM_HOME>/repository/conf/deployment.toml
file.
[user_store]
type = "database_unique_id"
Follow the links given below to setup the required type of primary user store.