This documentation is for WSO2 Carbon 4.4.3. View documentation for the latest release.
Page Comparison - Managing Users, Roles and Permissions (v.3 vs v.5) - Carbon 4.4.3 - WSO2 Documentation
Due to a known issue do not use JDK1.8.0_151 with WSO2 products. Use JDK 1.8.0_144 until JDK 1.8.0_162-ea is released.

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

hiddentrue

Note to writers- The following content should be copied to the product pages before pulling the page content:

...

User management functionality is provided by default in all WSO2 Carbon-based products and is configured in the user-mgt.xml file found in the <PRODUCT_HOME>/repository/conf/ directory. The following documentation explains how users, roles and permissions can be managed using the management console of WSO2 products.

WSO2 products support the role-based authentication model where privileges of a user are based on the role attached.  Each role is configured with zero or more permissions. Therefore, the set of permissions owned by a user is determined by the roles assigned to that user. If a user has several roles assigned, their permissions are added together.

...

  • Only system administrators or other users with Security level permissions can add, modify and remove users and roles. See the related topics for details For more information on permissions, see Role-based Permissions.
  • Your product has a primary user store where the users/roles that you create using the management console are stored by default. The default RegEx configurations for this user store are as follows. RegEx configurations ensure that parameters like the length of a user name/password meet the requirements of the user store.

    Code Block
    PasswordJavaRegEx-------- ^[\S]{5,30}$
    PasswordJavaScriptRegEx-- ^[\S]{5,30}$
    UsernameJavaRegEx-------- ^~!#$;%*+={}\\{3,30}$
    UsernameJavaScriptRegEx-- ^[\S]{3,30}$
    RolenameJavaRegEx-------- ^~!#$;%*+={}\\{3,30}$
    RolenameJavaScriptRegEx-- ^[\S]{3,30}$

    When creating users/roles, if you enter a username, password etc. that does not conform to the RegEx configurations, the system throws an exception. You can either change the RegEx configuration or enter values that conform to the RegEx. If you change the default user store or set up a secondary user store, configure the RegEx accordingly under the user store manager configurations in <PRODUCT_HOME>/repository/conf/user-mgt.xml file.

  • The permission model of WSO2 products is hierarchical. Permissions can be assigned to a role in a fine-grained or a coarse-grained manner.

Related Topics

children