WebSphere Portal v6 User registries

 

+
Search Tips   |   Advanced Search

 

Overview

IBM WAS and IBM WebSphere Portal support three types of user registries:

LDAP Lightweight Directory Access Protocol user registry
Custom user registry A non-LDAP user registry provided by the customer.
Database user registry The user and group information is stored in the WebSphere Portal database. This user registry is also used for authentication and User and Group management if security is disabled.

If security is enabled, WebSphere Portal shares the same authentication registry as WAS.

  • Datastores that store user account information are called user registries.

  • Datastores that store user profile and preference information are called user repositories.

A user registry and a user repository can be based on the same underlying datastore. For example, an LDAP directory typically contains user ID and password information but can also store additional profile information such as e-mail addresses and telephone numbers of users. Therefore, the LDAP directory is both a user registry and a user repository.

 

Lookaside User Repository

In the LDAP configuration of WebSphere Portal, an LDAP directory is used as both a user registry and a user repository. However, there are the following use cases where the LDAP directory cannot or should not be used to store all the profile information:

  • The LDAP is read-only
  • The LDAP should be kept completely free from attributes that are specific to WebSphere Portal

In these cases, we can use the Member Manager database as a database user repository for storing additional profile information; this is referred to as an...

LDAP with Lookaside

The Lookaside database attributes must be defined prior to running the enable security task.

 

Configuration Tasks

To enable WebSphere Portal to work with an LDAP server or a database user registry configuration, set configuration parameters in the wpconfig.properties file, and then run the appropriate configuration task.

Member Manager configuration WAS Authentication registry Description
LDAP LDAP user registry
Custom user registry 		When the authentication registry is an LDAP server, Member Manager supports creating new user entries in the authentication registry and updating the user ID and password in the registry.

User profile information is split between LDAP and a database, based on XML files that configure the Member Manager component.

Custom registries support realms (virtual portals).

Database user registry Custom user registry Internal WebSphere Portal database, where the authentication registry is part of the Member Manager, and user profile information is stored in the same database.

Member Manager supports creating new user entries in the database registry and updating the user ID and password in the registry.

Other Customer-supplied custom user registry or custom user registry for WAS provided by WebSphere Portal When the authentication registry is some custom datastore, Member Manager must be configured as well to connect to this custom datastore to be able to create new user entries or update existing user entries in the authentication registry.

Implementing a custom user registry is a software development effort. Please contact IBM Support for further details regarding the configuration of a custom user registry with WebSphere Portal.

 

Related information

 

Parent topic:

Authentication