This documentation is for WSO2 Identity Server 5.4.0 . View documentation for the latest release.
Skip to end of metadata
Go to start of metadata

If you are a product administrator, the follow content will provide an overview of the administration tasks that you need to perform when working with WSO2 Identity Server (WSO2 IS).

Administering WSO2 IS involves the following:

Upgrading from a previous release

See Upgrading WSO2 Identity Server.

Configuring the server

WSO2 Identity Server (WSO2 IS) is shipped with default configurations that will allow you to download, install and get started with your product instantly. However, when you go into production, it is recommended to change some of the default settings to ensure that you have a robust system that is suitable for your operational needs. Also, you may have specific use cases that require specific configurations to the server.

Listed below are configurations for setting up your product server.

Changing the default database

By default, WSO2 products are shipped with an embedded H2 database, which is used for storing user management and registry data. We recommend that you use an industry-standard RDBMS such as Oracle, PostgreSQL, MySQL, MS SQL, etc. when you set up your production environment.  You can change the default database configuration by simply setting up a new physical database and updating the configurations in the product server to connect to that database. 

Configuring users, 
roles and permissions

The user management feature in your product allows you to create new users and define the permissions granted to each user. You can also configure the user stores that are used for storing data related to user management.

Configuring security

After you install WSO2 IS, it is recommended to change the default security settings according to the requirements of your production environment. As IS is built on top of the WSO2 Carbon Kernel, the main security configurations applicable to IS are inherited from the Carbon kernel.

Configuring multitenancy

You can create multiple tenants in your product server, which will allow you to maintain tenant isolation in a single server/cluster. 

See the section on working with multiple tenants in the WSO2 product administration guide for information and instructions.

Configuring the registry

registry  is a content store and a metadata repository for various artifacts such as services, WSDLs and configuration files. In WSO2 products, all configurations pertaining to modules, logging, security, data sources and other service groups are stored in the registry by default.

See the section on working with the registry in the WSO2 product administration guide for information on how to set up and configure the registry.

Performance tuning

You can optimize the performance of your product server by configuring the appropriate OS settings, JVM settings etc. Most of these are server-level settings that will improve the performance of any WSO2 product. 

Changing the default ports

When you run multiple WSO2 products, multiple instances of the same product, or multiple WSO2 product clusters on the same server or virtual machines (VMs), you must change their default ports with an offset value to avoid port conflicts.

See the section on changing the default ports in the WSO2 product administration guide for instructions.

Configuring custom proxy paths

This feature is particularly useful when multiple WSO2 products (fronted by a proxy server) are hosted under the same domain name. By adding a custom proxy path you can host all products under a single domain and assign proxy paths for each product separately 

See the section on adding a custom proxy path in the WSO2 product administration guide for instructions on how to configure this feature.

Customizing error pages

You can make sure that sensitive information about the server is not revealed in error messages, by customizing the error pages in your product.

See the section on customizing error pages in the WSO2 product administration guide for instructions.

Customizing the management console

Some of the WSO2 products, such as WSO2 IS consist of a web user interface named the management console. This allows administrators to configure, monitor, tune, and maintain the product using a simple interface. You can customize the look and feel of the management console for your product.

See the section on customizing the management console in the WSO2 product administration guide for instructions.

Monitoring the server

Monitoring is an important part of maintaining a product server. Listed below are the monitoring capabilities that are available for WSO2 IS.

Monitoring logs

A properly configured logging system is vital for identifying errors, security threats and usage patterns in your product server.

See the section on monitoring logs in the WSO2 product administration guide for information and instructions on how to set up and monitor the server.

Monitoring with statistics

The WSO2 IS is a powerful tool for collecting statistical information. 

See the section on monitoring the WSO2 Identity Server in the WSO2 Identity Server guide for more information on how to use the statistics feature.

Monitoring using WSO2 metrics

WSO2 IS 5.3.0 onwards is shipped with JVM Metrics, which allows you to monitor statistics of your server using Java Metrics.   

See the section on using WSO2 metrics in the WSO2 product administration guide for information on how to set up and use Carbon metrics.

JMX-based Monitoring

See the section on JMX-based monitoring in the WSO2 product administration guide for instructions.

Enabling mutual SSL

See the section on Enabling Mutual SSL to enable SSL authentication in WSO2 Identity Server.

  • No labels