Use custom adapters for federated repositories
When the custom adapters for federated repositories are part of the default realm, the users and groups can be managed using wsadmin commands or the administrative console.
If custom adapters for federated repositories are part of the default realm, we use the administrative console to manage the users and groups in the realm.
The default parent for PersonAccount and Group entities needs to be the same as the base entry of the custom adapter. To view this administrative console page, complete the following steps:
- In the administrative console, click Security > Global security.
- Under User account repository, select Federated repositories from the Available realm definitions field and click Configure.
To configure for a specific domain in a multiple security domain environment, click Security domains > domain_name. Under Security Attributes, expand User Realm, and click Customize for this domain. Select the Realm type as Federated repositories and then click Configure.
- Under Additional properties, click Supported entity types.
Configure the supported entity types before managing this account with Users and Groups in the administrative console. The Base entry for the default parent determines the repository location where entities of the specified type are placed on write operations by user and group management.
Tasks
- In the administrative console, click Users and Groups to access users and groups panel. To manage users and groups for a specific domain in a multiple security domain environment, click Security > Global security > Security Domains > domain_name. Under Security Attributes, expand User Realm, and click Customize for this domain. Select the Realm type as Federated repositories. Click Apply and Save to the master configuration. On Security domains panel that appears, click the domain_name again to go to the domain configuration panel. The links to manage users and groups for a specific domain are displayed only after you save the federated repositories configuration for the domain.
- Click Manage Groups to test the basic functions of the custom adapter with respect to custom adapters for federated repositories.
- Click Manage Users to test the basic functions of the custom adapter with respect to custom adapters for federated repositories.
We must restart the server or dmgr if the federated repository has changed before using the Manage Users option. Otherwise, user or group changes made to the repository could be lost after restart.
After completing these steps, we will have ensured that the custom adapter is being used properly.
What to do next
Adjustments to the custom adapter can be made using the wsadmin tool to make configuration changes. See Configure custom adapters for federated repositories using wsadmin for more details.
Subtopics
- (iSeries) (ZOS) (Dist) Sample custom adapters for federated repositories examples
Out of the box adapters for federated repositories provide File, LDAP, and Database adapters for our use. These adapters implement the com.ibm.wsspi.wim.Repository software programming interface (SPI). A virtual member manager custom adapter needs to implement the same SPI, irrespective of the type of repositories the adapter is interacting with. There is no restriction on the type of repositories that the custom adapter can interact with.
Related:
Federated repositories Security role to user or group mapping Related tasks:
Manage repositories in a federated repository configuration Configure custom adapters for federated repositories using wsadmin Establishing custom adapters for federated repositories Configure supported entity types in a federated repository configuration