Configure custom user registries

 

Before you begin

Before you begin this task, implement and build the UserRegistry interface. For more information on developing custom user registries refer to the article, Developing custom user registries. The following steps are required to configure custom user registries through the administrative console.

 

Procedure

  1. Click Security > Global security

  2. Under User registries, click Custom.

  3. Enter a valid user name in the Server user ID field.

  4. Enter the password of the user in the Server user password field.

  5. Enter the full name of the location of the implementation class file in the Custom registry class name field as a dot-separated file name. For the sample, this file name is com.ibm.websphere.security.FileRegistrySample. The file exists in the WAS class path (preferably in the install_root/lib/ext directory). This file exists in all the product processes. So, if you are operating in a Network Deployment environment, this file exists in the cell class path and in all of the node class paths.

  6. Select the Ignore case for authorization option for the authorization to perform a case insensitive check. Enabling this option is necessary only when your registry is case insensitive and does not provide a consistent case when queried for users and groups.

  7. Click Apply if you have any other additional properties to enter for the registry initialization. Otherwise click OK and complete the steps required to turn on security.

  8. Enter additional properties to initialize your implementation by clicking Custom properties. Click New. Enter the property name and value. Click OK. Repeat this step to add other additional properties. For the sample, enter the following two properties. It is assumed that the users.props and the groups.props file are in the customer_sample directory under the product installation directory. We can place these properties in any directory that you chose and reference their location through Custom properties. However, make sure that the directory has the appropriate access permissions.

    Property name Property value
    usersFile $USER_INSTALL_ROOT/customer_sample/users.props
    groupsFile $USER_INSTALL_ROOT/customer_sample/groups.props
    Samples of these two properties are available in the users.props file and the groups.props file article.

    The Description, Required, and Validation Expression fields are not used and one can leave them blank.

    Note: In a Network Deployment environment where multiple WebSphere Application Server processes exist (cell and multiple nodes in different machines), these properties are available for each process. Use the relative name USER_INSTALL_ROOT to locate any files, as this name expands to the product installation directory. If this name is not used, ensure that the files exist in the same location in all the nodes. To change the value for the USER_INSTALL_ROOT variable

 

Result

This step is required to set up the custom user registry and to enable security in WebSphere Application Server.

 

What to do next

  1. Complete the remaining steps, if you are enabling security.

  2. After security is turned on, save, stop, and start all the product servers (cell, nodes and all the application servers) for any changes in this panel to take effect.

  3. If the server comes up without any problems, the setup is correct.

  4. Validate the user and password by clicking OK or Apply on the Global security panel. Save, synchronize (in the cell environment), stop and restart all the product servers.

 

See also


UserRegistry.java files
FileRegistrySample.java file
Result.java file
Custom user registry settings
users.props file
groups.props file

 

See Also


Custom user registries

 

Related Tasks


Developing custom user registries
Migrating custom user registries

 

See Also


UserRegistry interface methods