User registry considerations

A user registry or repository authenticates a user and retrieves information about users and groups to perform security-related functions, including authentication and authorization.

User registries store user account information, such as user ID and password, that can be accessed during authentication. User repositories store user profiles and preference information. A user registry or repository is used to:

By default, WebSphere Portal is installed with a federated repository with a built-in file repository. The federated repository allows you to add various user registries, realm support for Virtual Portals, and/or property extensions to create a single, working unit. The available user registries that you can add to the federated repository are LDAP user registries, database user registries, and custom user registries.

Use the built-in file repository is not recommended in a production environment. After adding another repository and choosing the administrative users from that repository, you should remove the file repository.

Based on the federated repository, WebSphere Portal allows you to create a user base that can be federated over multiple repositories: LDAP, DB, and/or custom user registry. It also allows you to define additional attributes in a separate store if corporate LDAP directory is read-only.

If you are using a federated repository, plan on where you want to store new users and groups. By default, new users and groups are stored in the default file repository. If using multiple LDAP user registries and/or database user registries, figure out which user registry you want to define as default user registry where new users and groups are stored. After you add all user registries to federated repository, you can run the wp-set-entitytypes task to set a specific user registry as the default location.

Remember: Before combining multiple user registries, review the registries for the following limitations and correct any issues:

If you have an application that does not support the federated repository, you can switch to a standalone LDAP user registry or a standalone custom user registry.


Parent

Plan to install WebSphere Portal
Directory Search

 


+

Search Tips   |   Advanced Search