This documentation is for WSO2 Identity Server 5.4.1.


Property Name | Display Name | Description
DomainName | DomainName | Unique name to identify the user store. This should only be configured for secondary user stores.
url | Connection URL | Connection URL to the database, which can include additional connection parameters as well.
Sample values: jdbc:mysql://localhost:3306/wso2is
userName | Connection Name | The username used to connect to the database and perform various operations. This user does not have to be an administrator in the database or have an administrator role in the WSO2 product that you are using, but this user MUST have privileges to perform the required operations.
password | Connection Password | Password for the ConnectionName user.
driverName | Driver Name | JDBC driver name used to connect to the database. This driver should be available in the <PRODUCT_HOME>/repository/components/lib folder.
Disabled | Disabled | This is to deactivate the user store. If you need to temporarily deactivate a user store, you can use this option. If you disable the user store from the disable option, it will also set this parameter. (Default: false)

Possible values:
true: Disable user store temporarily.
ReadOnly | Read-Only | Indicates whether the user store operates in read-only mode or not.
Possible values:
true: Operates in read-only mode
false: Operates in read-write mode
ReadGroups | ReadGroups | When WriteGroups is set to false, this indicates whether groups should be read from the user store. If this is disabled by setting it to false, none of the groups in the user store can be read, and the following group configurations are NOT mandatory: GroupSearchBase, GroupNameListFilter, or GroupNameAttribute.

Possible values:
true: Read groups from user store
false: Do not read groups from user store
WriteGroups | WriteGroups | Indicates whether groups should be written to the user store.

Possible values:
true: Write groups to user store
false: Do not write groups to user store, so only internal roles can be created. Depending on the value of the ReadGroups property, existing groups are either read from the user store or not.
UsernameJavaRegEx | Username RegEx (Java) | The regular expression used by the back-end components for username validation. By default, strings of non-empty characters with a length of 3 to 30 are allowed. You can provide ranges of letters, numbers and also ranges of ASCII values in the RegEx properties.
Default: [a-zA-Z0-9._-|//]{3,30}$
UsernameJavaScriptRegEx | Username RegEx (Javascript) | The regular expression used by the front-end components for username validation. Default: ^[\S]{3,30}$
UsernameJavaRegExViolationErrorMsg | Username RegEx Violation Error Message | Error message shown when the username does not match UsernameJavaRegEx.
PasswordJavaRegEx | Password RegEx (Java) | The regular expression used by the back-end components for password validation. By default, strings of non-empty characters with a length of 5 to 30 are allowed. You can provide ranges of letters, numbers and also ranges of ASCII values in the RegEx properties.
Default: ^[\S]{5,30}$
PasswordJavaScriptRegEx | Password RegEx (Javascript) | The regular expression used by the front-end components for password validation.
Default: ^[\S]{5,30}$
PasswordJavaRegExViolationErrorMsg | Password RegEx Violation Error Message | Error message shown when the password does not match PasswordJavaRegEx.
RolenameJavaRegEx | Role Name RegEx (Java) | The regular expression used by the back-end components for role name validation. By default, strings of non-empty characters with a length of 3 to 30 are allowed. You can provide ranges of letters, numbers and also ranges of ASCII values in the RegEx properties.
Default: [a-zA-Z0-9._-|//]{3,30}$
RolenameJavaScriptRegEx | Role Name RegEx (Javascript) | The regular expression used by the front-end components for role name validation. Default: ^[\S]{3,30}$
CaseInsensitiveUsername | Case Insensitive Username | Indicates whether the user name should be case insensitive or not.
Default: false

Possible values:
true: It is better to configure this if you are not using case-sensitive usernames. Note that enabling this could lead to performance degradation when searching for users as the number of users increases.

SCIMEnabled | Enable SCIM | This is to configure whether the user store is supported for SCIM provisioning.

Possible values:
True: The user store supports SCIM provisioning.
False: The user store does not support SCIM provisioning.
IsBulkImportSupported | Bulk Import Support | Defines whether the user store supports the bulk user import operation.
PasswordHashMethod | Password Hashing Algorithm | Specifies the password hashing algorithm used to hash the password before storing it in the user store.
Possible values:
SHA - Uses SHA digest method. SHA-1, SHA-256
MD5 - Uses MD5 digest method.
PLAIN_TEXT - Plain text passwords.

Note

If you enter SHA as the value, it is considered as SHA-1. It is always better to configure an algorithm with a higher bit value so that the digest bit size is higher.

MultiAttributeSeparator | Multiple Attribute Separator | This property is used to define a character to separate multiple attributes. This ensures that it will not appear as part of a claim value. Normally "," is used to separate multiple attributes, but you can define ",,," or "..." or a similar character sequence.
Default: “,”
StoreSaltedPassword | Enable Salted Passwords | Indicates whether to store the password with a salted value.
Default: true
Possible values: false

By default WSO2 IS stores the password with a salted value. The recommended way to protect passwords is to use salted password hashing. Once it is salted, the passwords are less vulnerable to dictionary and brute force attacks.

Setting this property to false causes passwords to be stored without a salted value. This means that if two users (Bob and Alice) have the same password, it is stored as the same hash value.

However, if salted passwords are used, WSO2 IS adds a random value to the password and then generates the hash of the password. Therefore, if two users have the same password, they are stored as different hash values. This is a more secure method of storing passwords.

MaxUserNameListLength | Maximum User List Length | Controls the number of users listed in the user store of a WSO2 product. This is useful when you have a large number of users and do not want to list them all. Setting this property to 0 displays all users. (Default: 100)

In some user stores, there are policies to limit the number of records that can be returned from a query. By setting the value to 0, it will list the maximum results returned by the user store. If you need to increase this number, you need to set it at the user store level.
E.g., Active Directory has the MaxPageSize property with the default value of 1000.
MaxRoleNameListLength | Maximum Role List Length | Controls the number of roles listed in the user store of a WSO2 product. This is useful when you have a large number of roles and do not want to list them all. Setting this property to 0 displays all roles. (Default: 100)

In some user stores, there are policies to limit the number of records that can be returned from a query. By setting the value to 0, it will list the maximum results returned by the user store. If you need to increase this number, you need to set it at the user store level.
E.g., Active Directory has the MaxPageSize property with the default value of 1000.
UserRolesCacheEnabled | Enable User Role Cache | This is to indicate whether to cache the role list of a user. (Default: true)

Possible values:
false: Set it to false if the user roles are changed by external means and those changes should be instantly reflected in the Carbon instance.
TenantManager
Defines the tenant manager class specific to each user store type. This is only used in the primary user store since it is shared among tenants.
JDBC : org.wso2.carbon.user.core.tenant.JDBCTenantManager
LDAP / AD : org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager
CountRetrieverClass | Count Implementation | This defines the user/role count retriever implementation class (Only supported for)

Possible values:
JDBC : org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever
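
The default back-end and front-end username patterns listed in the table are not equivalent. The following JavaScript check is an added example (not part of the original page and not WSO2 code) that lists the characters each pattern admits and the names on which the two disagree. It assumes both layers accept a name only on a whole-string match; the helper names and sample usernames are constructed for illustration.

```javascript
// Added example (not WSO2 code): compare the default username patterns from the table.
// Assumption: each layer accepts a name only when the whole string matches its pattern.
const BACKEND_DEFAULT = "[a-zA-Z0-9._-|//]{3,30}$"; // UsernameJavaRegEx default
const FRONTEND_DEFAULT = "^[\\S]{3,30}$";            // UsernameJavaScriptRegEx default

// Whole-string match; the configured pattern is wrapped, never modified.
function fullMatch(pattern, value) {
  return new RegExp("^(?:" + pattern + ")$").test(value);
}

// Printable ASCII characters the pattern accepts (each tested as a 3-character name).
function acceptedAscii(pattern) {
  let out = "";
  for (let code = 0x21; code <= 0x7e; code++) {
    const ch = String.fromCharCode(code);
    if (fullMatch(pattern, ch.repeat(3))) out += ch;
  }
  return out;
}

// Names on which the two layers give different verdicts.
function disagreements(backend, frontend, names) {
  return names
    .map((name) => ({
      name,
      backend: fullMatch(backend, name),
      frontend: fullMatch(frontend, name),
    }))
    .filter((r) => r.backend !== r.frontend);
}

// Constructed sample usernames, not taken from the page.
const SAMPLES = ["alice", "john-doe", "carol@example.com", "a`b{c|d", "ab", "dave smith"];

console.log("back end accepts :", acceptedAscii(BACKEND_DEFAULT));
console.log("front end accepts:", acceptedAscii(FRONTEND_DEFAULT));
console.table(disagreements(BACKEND_DEFAULT, FRONTEND_DEFAULT, SAMPLES));
```

Inside the back-end character class, "_-|" is a range from the underscore to the vertical bar, so that pattern admits the backtick, "{" and "|" but rejects a literal hyphen. Run the same comparison on any custom patterns before deploying them, so that names accepted in the UI are not refused by the back end.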
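
A check for the PasswordHashMethod and StoreSaltedPassword settings described in the table, as an added example (not part of the original page and not WSO2 code). It assumes the user store definition holds its properties as <Property name="...">value</Property> elements; both configurations and the function names are constructed for illustration.

```javascript
// Added example (not WSO2 code): audit the password-storage properties of a user store.
// Assumption: properties are written as <Property name="...">value</Property>.

// Constructed sample definitions; names and values are illustrative.
const WEAK_CONFIG = `
<UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager">
  <Property name="DomainName">EXAMPLE</Property>
  <Property name="PasswordHashMethod">SHA</Property>
  <Property name="StoreSaltedPassword">false</Property>
</UserStoreManager>`;

const HARDENED_CONFIG = `
<UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager">
  <Property name="DomainName">EXAMPLE</Property>
  <Property name="PasswordHashMethod">SHA-256</Property>
  <Property name="StoreSaltedPassword">true</Property>
</UserStoreManager>`;

// Collect name/value pairs from the Property elements.
function readProperties(xml) {
  const props = {};
  const re = /<Property\s+name="([^"]+)"\s*>([^<]*)<\/Property>/g;
  for (const m of xml.matchAll(re)) props[m[1]] = m[2].trim();
  return props;
}

// Returns one finding per weak setting, following the table and its note.
// An absent PasswordHashMethod is not judged: the page states no default for it.
function auditPasswordStorage(xml) {
  const props = readProperties(xml);
  const findings = [];
  const method = (props.PasswordHashMethod || "").toUpperCase();
  if (method === "PLAIN_TEXT") {
    findings.push({ property: "PasswordHashMethod", issue: "passwords are stored unhashed" });
  } else if (method === "MD5" || method === "SHA" || method === "SHA-1") {
    // "SHA" is treated as SHA-1; the note recommends a larger digest such as SHA-256.
    findings.push({ property: "PasswordHashMethod", issue: method + " has a small digest size" });
  }
  // StoreSaltedPassword defaults to true, so only an explicit false is reported.
  if ((props.StoreSaltedPassword || "true").toLowerCase() === "false") {
    findings.push({ property: "StoreSaltedPassword", issue: "equal passwords get equal hashes" });
  }
  return findings;
}

console.log(auditPasswordStorage(WEAK_CONFIG));
console.log(auditPasswordStorage(HARDENED_CONFIG));
```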
