Stand-alone custom registry wizard settings

Stand-alone custom registry wizard settings

A wizard page exists in the administrative console to aid in viewing the basic settings necessary to connect the application server to an existing stand-alone custom registry. After we have viewed the basic settings, we can also modify the existing stand-alone customer registry configuration using the administrative console.

To view this security wizard page:

Click Security > Global security > Security configuration wizard.
Select your protection settings and click Next.
Select the Stand-alone custom registry option and click Next.

We can modify the stand-alone custom registry configuration by completing the following steps:

Click Security > Global security.
Under User account repository, click the Available realm definitions drop-down list, select Stand-alone custom registry, and click Configure.
Enter additional properties to initialize your implementation

Click Custom properties > New.
Enter the property name and value. For the sample, enter the following two properties. It is assumed that the users.props file and the groups.props file are in the customer_sample directory under the product installation directory. We can place these properties in any directory chosen and reference their locations through Custom properties. However, make sure that the directory has the appropriate access permissions.

Property name Property value
usersFile ${USER_INSTALL_ROOT}/customer_sample /users.props
groupsFile ${USER_INSTALL_ROOT}/customer_sample /groups.props

Samples of these two properties are available in reference topics for the users.props file and the groups.props file. See the following related links for more information.

The Description, Required, and Validation Expression fields are not used and can remain blank.

WebSphere Application Server Version 4 based custom user registry is migrated to the custom user registry based on the com.ibm.websphere.security.UserRegistry interface.

Click Apply.

Primary administrative user name

Name of a user with administrative privileges defined in our custom user registry.

The user name is used to log onto the administrative console when administrative security is enabled. v6.1 requires an administrative user that is distinct from the server user identity so that administrative actions can be audited.
In WAS, v6.0.x, a single user identity is required for both administrative access and internal process communication. When migrating to v6.1 and later, this identity is used as the server user identity. We need to specify another user for the administrative user identity.

Custom registry class name

Dot-separated class name that implements the com.ibm.websphere.security.UserRegistry interface.

Put the custom registry class name in the class path. A suggested location is the following directory.

(Dist) %install_root%/lib/ext
(iSeries) profile_root/classes

Information Value
Data type: String
Default: com.ibm.websphere.security.FileRegistrySample

Ignore case for authorization

Indicates that a case-insensitive authorization check is performed when using the default authorization.

Information Value
Default: Disabled
Range: Enabled or Disabled

Configure stand-alone custom registries
Stand-alone custom registry settings
users.props file
groups.props file

Property name	Property value
usersFile	${USER_INSTALL_ROOT}/customer_sample /users.props
groupsFile	${USER_INSTALL_ROOT}/customer_sample /groups.props

Information	Value
Data type:	String
Default:	com.ibm.websphere.security.FileRegistrySample