This documentation is for WSO2 Identity Server 5.0.0. View documentation for the latest release.
Page Comparison - Writing a Custom User Store Manager (v.22 vs v.23) - Identity Server 5.0.0 - WSO2 Documentation

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Available methodsDefault behaviourReasons for overriding

boolean doAuthenticate(String userName, Object credential)

This method returns details on whether the given username and password is matched or not. Credential is usually a String literal.

If you want to change the authentication logic you can override this method and write your own implementation. The default task of this method is to compare the given password with the stored password. The given credentials are passed to the preparePassword method to do the salting or encryption before the comparison takes place.

String preparePassword(String password, String saltValue)

This returns the encrypted or plain-text password based on the configurations.

You can override this method if you need to change the way you encrypt the password. If you want to change the algorithm that is used for encryption, you can configure it.

Properties getDefaultUserStoreProperties()

The default properties of the user store are returned using this method. These properties are used in user store related operations.


Be sure to manually add the following property when you implement the class:

Code Block
setOptionalProperty("Disabled", "false", "Whether user store is disabled");

This property is what controls whether the user store is enabled or disabled.

By overriding this method, you can programmatically change the configuration of the user store manager implementation.

boolean checkUserNameValid(String userName)

Returns whether the given username is compatible with the defined criteria.

The criteria used for defining a valid username can be configured as a regex in user store configurations. If you want to change the way user name validation is done, override this method.

boolean checkUserPasswordValid(Object credential)

Returns whether the given password is compatible with the defined criteria. This is invoked when creating a user, updating a password and authorization.

Similar to the user name, you can configure the format of a valid password in configuration. If you want to change that behavior you can override this method.