Add info on how it works when multiple user stores are configured #3929
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Identity Server supports JDBC, LDAP, and Active Directory userstores with the | ||
| capability of configuring custom userstores. There are different userstore adapters called *Userstore managers*, which are used to connect | ||
| with these userstore types. | ||
| WSO2 Identity Server allows configuring multiple user stores to your system that are used to store users and their roles (Groups). Out of the box, the WSO2 Identity Server supports JDBC, LDAP, and Active Directory user stores with the capability of configuring custom user stores. Different user store adapters called **Userstore managers** are used to connect with these user store types. |
There was a problem hiding this comment.
Suggested change
| WSO2 Identity Server allows configuring multiple user stores to your system that are used to store users and their roles (Groups). Out of the box, the WSO2 Identity Server supports JDBC, LDAP, and Active Directory user stores with the capability of configuring custom user stores. Different user store adapters called **Userstore managers** are used to connect with these user store types. | |
| WSO2 Identity Server allows configuring multiple user stores to your system that are used to store users and their groups. Out of the box, the WSO2 Identity Server supports JDBC, LDAP, and Active Directory user stores with the capability of configuring custom user stores. Different user store adapters called **Userstore managers** are used to connect with these user store types. |
I think we can directly say groups here since now we have group role separation. This might get confused with the roles feature in latest IS versions
|
|
||
| see, [Configure the Primary Userstore]({{base_path}}/deploy/configure-the-primary-user-store) | ||
| Learn more on how to [configure the primary serstore]({{base_path}}/deploy/configure-the-primary-user-store). |
There was a problem hiding this comment.
Suggested change
| Learn more on how to [configure the primary serstore]({{base_path}}/deploy/configure-the-primary-user-store). | |
| Learn more on how to [configure the primary userstore]({{base_path}}/deploy/configure-the-primary-user-store). |
| You can use the management console to create secondary userstores or | ||
| you can create them manually. These will be stored in an xml file with the | ||
| configurations corresponding to the secondary userstore. | ||
| You can easily set up any number of secondary user stores for your system. These user stores are specific to the created tenant and are not shared among multiple tenants. You can use the management console to create secondary user stores or manually create them. These will be stored in an XML file with the configurations corresponding to the secondary store. |
There was a problem hiding this comment.
Suggested change
| You can easily set up any number of secondary user stores for your system. These user stores are specific to the created tenant and are not shared among multiple tenants. You can use the management console to create secondary user stores or manually create them. These will be stored in an XML file with the configurations corresponding to the secondary store. | |
| You can easily set up any number of secondary user stores for your system. These user stores are specific to the created tenant and are not shared among multiple tenants. You can use the console to create secondary user stores or manually create them. These will be stored in an XML file with the configurations corresponding to the secondary store. |
We shouldn't mention above management console in latest versions right?
|
|
||
| Example: Username: `PRIMARY/johnd` | ||
|
|
||
| 2. WSO2 Identity Server checks the specified user stores for the availability of the user and authenticates the user. |
There was a problem hiding this comment.
Suggested change
| 2. WSO2 Identity Server checks the specified user stores for the availability of the user and authenticates the user. | |
| 2. WSO2 Identity Server checks the specified user store for the availability of the user and authenticates the user. |
|
|
||
| ## Initial set up | ||
|
|
||
| To set up the WSO2 identity Server to configure the user store preference order: |
There was a problem hiding this comment.
Suggested change
| To set up the WSO2 identity Server to configure the user store preference order: | |
| To set up the WSO2 Identity Server to configure the user store preference order: |
Check for the ideal case here
|
|
||
| 1. Implement the `UserStorePreferenceOrderSupplier` interface with your own logic to retrieve the user store order. | ||
|
|
||
| Use the provided template to implement the [UserStorePreferenceOrderSupplier interface](https://github.com/wso2/carbon-kernel/blob/feeae3e4668b805c8d6d5e8c115897fa93b8a856/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/config/UserStorePreferenceOrderSupplier.java?source=post_page-----cdadf43f9366--------------------------------). |
There was a problem hiding this comment.
Let's validate these links. Seems there are some query parameters. Is it intentional?
| callback_factory = "org.wso2.carbon.identity.custom.callback.userstore.CustomUserStoreOrderCallbackFactory" | ||
| ``` | ||
|
|
||
| 4. Restart the WSO2 Identity Server if it's already running. |
There was a problem hiding this comment.
This seems to be missing few steps where it instructs to build and patch the custom jar. Refer this for the complete guide.
|
|
||
| To update the preference order: | ||
|
|
||
| 1. On the WSO2 Identity Server Management Console, go to **Main** > **Registry** > **Browse** |
There was a problem hiding this comment.
we should validate whether these aligns with the latest IS versions
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Purpose
Related issue: wso2/product-is#13473