WAS v8.5 > Secure applications > Authenticate users > Select a registry or repository > Manage the realm in a federated repository configurationUse custom adapters for federated repositories
When the custom adapters for federated repositories are part of the default realm, the users and groups can be managed using wsadmin commands or the dmgr console.
If custom adapters for federated repositories are part of the default realm, we use the dmgr console to manage the users and groups in the realm.
The default parent for PersonAccount and Group entities needs to be the same as the base entry of the custom adapter. To view this dmgr console page, complete the following steps:
- In the dmgr console, click Security > Global security.
- Under User account repository, select Federated repositories from the Available realm definitions field and click Configure. To configure for a specific domain in a multiple security domain environment, click Security domains > domain_name. Under Security Attributes, expand User Realm, and click Customize for this domain. Select the Realm type as Federated repositories and then click Configure.
- Under Additional properties, click Supported entity types.
You must configure the supported entity types before we can manage this account with Users and Groups in the dmgr console. The Base entry for the default parent determines the repository location where entities of the specified type are placed on write operations by user and group management.
- In the dmgr console, click Users and Groups to access users and groups panel. To manage users and groups for a specific domain in a multiple security domain environment, click Security > Global security > Security Domains > domain_name. Under Security Attributes, expand User Realm, and click Customize for this domain. Select the Realm type as Federated repositories. Click Apply and Save to the master configuration. On Security domains panel that appears, click the domain_name again to go to the domain configuration panel. The links to manage users and groups for a specific domain are displayed only after you save the federated repositories configuration for the domain.
- Click Manage Groups to test the basic functions of the custom adapter with respect to custom adapters for federated repositories.
- Click Manage Users to test the basic functions of the custom adapter with respect to custom adapters for federated repositories.
Restart the server or dmgr if the federated repository has changed before using the Manage Users option. Otherwise, user or group changes made to the repository could be lost after restart.
Results
After completing these steps, you will have ensured the custom adapter is being used properly.
Adjustments to the custom adapter can be made using wsadmin to make configuration changes. See Configure custom adapters for federated repositories using wsadmin for more details.
Subtopics
- Sample custom adapters for federated repositories examples
Out of the box adapters for federated repositories provide File, LDAP, and Database adapters for the use. These adapters implement the com.ibm.wsspi.wim.Repository software programming interface (SPI). A virtual member manager custom adapter needs to implement the same SPI.- Sample custom adapters for federated repositories examples
Out of the box adapters for federated repositories provide File, LDAP, and Database adapters for the use. These adapters implement the com.ibm.wsspi.wim.Repository software programming interface (SPI). A virtual member manager custom adapter needs to implement the same SPI.
Related concepts:
Federated repositories
Security role to user or group mapping
Related
Manage repositories in a federated repository configuration
Configure custom adapters for federated repositories using wsadmin
Establish custom adapters for federated repositories
Configure supported entity types in a federated repository configuration