Plan your user registry
User registries store account information...
- user names and passwords
- user profiles
- preference information
...about users and groups to perform authentication and authorization.
Authentication can occur using...
By default, IBM WebSphere Portal is installed with a federated repository, with a built-in file repository, that allows you to add...
- User registries
- LDAP user registries
- database user registries
- custom user registries
- Realm support for virtual portals
- Property extensions
The user base can be federated over multiple registries:
- LDAP
- DB
- Custom user
You can define additional attributes in a separate store if your corporate LDAP directory is read-only.
When combining multiple user registries, ensure that the distinguished names are unique over all registries. For example, if...
uid=wpsadmin,o=yourco... exists in LDAP1, it cannot exist in LDAP2, LDAP3, or database user registry1.
The user must exist in a user registry and not within the property extension configuration.
Distinguished names must be unique for a realm over all registries. For example, if...
uid=wpsadmin,o=yourco...exists in LDAP1, it must not exist in LDAP2, LDAP3, or DB1.
The shortname, for example wpsadmin, should be unique for a realm over all registries.
The base distinguished names for all registries used within a realm must not overlap. For example, if LDAP1 is...
c=us,o=yourco...LDAP2 should not be...
o=yourcoDo not leave the base entry blank for any of the registries used within a realm.
The user must exist in a user registry and not within the property extension configuration.
If you have an application that does not support the federated repository you can switch to...
- stand-alone LDAP user registry
- stand-alone custom user registry
Parent topic
Planning for WebSphere Portal
See also