WSO2IS supports for account recovery/validation using identity management features. By default; it is supported to send the user notifications using emails. WSO2IS contains an email sending module with WSO2IS which is based on Axis2. But, you can configure any other notification modules with WSO2IS or extend the existing email sending module. This blog post describes […]
Category: User Management
User Management
By default; OpenLDAP does not hash the password by itself. If LDAP client sends a plain text value for userPassword in normal add/modify LDAP operation, OpenLDAP stores the userPassword as base64 encoded plain text value. Therefore; this value can be easily base64 decoded and can be retrieved the plain text password. So, LDAP client must hash the password […]
In this blog post, I would like to share how OpenLDAP can be installed. Step 1. Download latest openldap version from here You can use wget. >wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.40.tgz Step 2. Extract and Run configure >tar -zxvf db-4.8.30.NC.tar.gz > ./configure -enable-ppolicy –with-tls=openssl You can also just run the ./configure command. But in above, It is asked to […]
Consider about a scenarios that enterprise user’s details can be found in two place. User credentials may be kept in one user store and User’s attribute may be stored in another user store. Lets see how WSO2 Identity Server can be used to merge these two user stores and retrieve the user’s details in unique […]
In my previous blog post, we understood about Admin services in WSO2 products. We have implemented a web service client for RemoteUserStoreManagerService. We used Axis2 client for that. Today, we are going to look, how we can implement a JAX-WS cleint for invoking admin services. I am using the RemoteUserStoreManagerService as sample admin service. Step […]
Identity Server supports most of the user management related functions. It provides SOAP based web service API (More details from here ) and REST API (According to SCIM specification) for applications to use these user management functions. Also, these user management functions are called by the other component of the WSO2IS. As an example, These […]
In my previous post, we discussed how we can configure Identity Server (connected with LDAP) to authenticate users with multiple attributes. But I have seen that there are some conflict around using email user name with Identity Server. Let me explain them in briefly. Why is it not possible to authenticate with email attribute with […]
Identity Server supports for both In-bound and Out-bound provisions. First let try to understand what is meant by Out/In provisioning In-bound provisioning Provisioning users/groups to Identity Server’s user stores by an application (Service Provider). Supported via SCIM Standard. Also there is a SOAP based web service API. Users/Groups would be created in primary or secondary […]
If you are using Identity Server for user and role management,You may wonder how we could manage user’s attributes with it. In identity server, each user store attribute can be mapped as a claim. Therefore you need to go through claim management and properly map your LDAP/AD/JDBC user store attributes with the claim uris defined […]
In LDAP user object contains different attributes such as uid, cn , email and so on. Some of the attributes can be unique. As an example normally uid and email can be unique attributes for user. Once you connect your LDAP with an application, application can use one of unique attribute in LDAP to authenticate […]