Set up custom user repositories
A custom user repository is any repository that WebSphere Portal does not support out-of-box. However, we can configure WebSphere Portal to support any type of repository in a federated or stand-alone user registry, whether an LDAP directory, database, file system, and so on. Setting up custom user repositories involves tasks such as defining additional repositories to the default federated user registry, creating a custom stand-alone user repository, and updating the user repository to reflect changes in the environment. Learn what steps are required to create and update custom user repositories and what specific interfaces you must implement to enable communication between WebSphere Portal and a repository.A user registry is an implementation of the UserRegistry interface in WAS. The following user registries are available out-of-box:
- Federated Repositories
An implementation of the UserRegistry interface that supports multiple repositories. To communicate with the federated repositories, both WAS and WebSphere Portal dispatch all operations to VMM.
- Standalone LDAP
An implementation of the UserRegistry interface where a single LDAP directory is the repository. WAS communicates directly with the stand-alone LDAP. WebSphere Portal communicates with the stand-alone LDAP through VMM.
WebSphere Portal accesses all user repositories, whether in federated or stand-alone registry, through VMM. WebSphere Portal uses the Portal User Management Architecture (PUMA) System Programming Interface (SPI) to retrieve and set attributes on user objects. PUMA passes these requests to VMM, which then passes the requests on to a corresponding registry adapton that connects VMM to the repository. For this reason, registry adaptors are required to enable communication between WebSphere Portal and any repository.
Important: Create a user registry adaptor if you plan to use a custom user repository. To create a user registry adaptor, implement the com.ibm.wsspi.wim.Repository interface. Refer to the following topics in the WAS Information Center for information and instructions:
- Repository SPI (System programming interfaces for virtual member manager adapters)
- Sample custom adapters for federated repositories examples
- Set federated repositories
We can define additional repositories as required for the out-of-box federated repositories user registry.For example, we can define one or more databases and/or LDAP directories for the user registry. Federated repositories also let you implement multiple realms. Realms define subsets of users and are spread across multiple repositories.
For example, we can define one realm in a file-based repository and another realm in an LDAP directory. Because WAS provides an implementation of the UserRegistry interface for federated repositories out-of-box, you do not need to create a custom implementation of this interface.
- Set stand-alone repositories
You can implement the user registry as a single stand-alone repository. A stand-alone repository can consist of virtually any type of repository, whether a relational database, file-based repository, or LDAP directory. WAS provides an implementation of the UserRegistry interface for a stand-alone LDAP repository out-of-box. To configure WebSphere Portal for a custom user registry with a stand-alone repository other than an LDAP directory, you must implement the UserRegistry interface.
Parent: Securing
Related:
Virtual Member Manager integration
Related:WAS 8.0 Information Center, Sample custom adapters for federated repositories examples
WAS 8.0 Information Center, VMM API
Set up a custom user repository with Virtual Member Manager for IBM WAS and IBM WebSphere Portal
IBM WebSphere Developer Technical Journal: Expand the user registry options with a federated repository in WAS, Using the Virtual Member Manager