InfoCenter Home >
5: Securing applications -- special topics >
5.2: Introduction to custom registries >
5.2.3: Building and configuring the sample user registry application

5.2.3: Building and configuring the sample user registry application

To use the sample custom registry, perform the following steps:

  1. Build the FileRegistrySample application.
  2. Configure WebSphere Application Server to use the FileRegistrySample registry.
This section describes these procedures.

Building the FileRegistrySample application

This section describes how to build the sample described in this article. This sample has been designed more for simplicity than performance and is intended only to familiarize you with the custom-registry feature. An implementation intended for production use requires much better scalability and performance.

The sample consists of the following files:

  • FileRegistrySample.java: the sample implementation itself
  • users.props: the users information in the registry
  • groups.props: the groups information in the registry
The complete source code is provided elsewhere in this package.

To run this sample, you must first build it and then configure it for use. This discussion assumes that:

  • WebSphere Application Server is installed in the C:\WebSphere\AppServer directory.
  • The sample is being run under Windows. The main difference between Windows and other platforms is where the files are located.

To build the sample, follow these steps:

  1. Copy the FileRegistrySample.java file to a directory, for example, C:\temp.
  2. Add the C:\WebSphere\AppServer\lib\websphere.jar file to the classpath.
  3. Compile the sample by using the Java compiler that is shipped with WebSphere Application Server. After compilation, you will have two class files:
    • FileRegistrySample.class
    • RegExpSample.class
  4. Copy the two class files to a directory that is on the classpath. For this sample, the C:\WebSphere\AppServer\classes directory is used because it is already on the classpath. Alternatively, you can add the directory in which the files reside, or a JAR file containing the files, to the classpath by modifying the value of the classpath in the appropriate configuration files, for example, on Windows platforms, admin.config and adminserver.bat.

Configuring the custom registry

Setting up security for a custom registry is very similar to setting up security for LDAP. If you are unfamiliar with the configuration of security in WebSphere Application Server, see Administering applications for more information about the process.

A custom registry is enabled by using the Security Center panel in the administrative console. On the Authentication panel, choose Lightweight Third Party Authentication (LTPA) as the authentication mechanism. Select the Custom User Registry button and fill in the required values for the following in the Custom User Registry Settings section:

  • Security Server ID
  • Security Server Password
  • Custom User Registry classname

The server ID and password combination must exist in the custom registry. The class name is the file in which you have implemented the CustomRegistry interface, for example, com.myCompany.mySample. This class file must be in the classpath environment variable of WebSphere Application Server. For the FileRegistrySample application, use the following values:

  • Security Server ID: dave
  • Security Server Password: dave1
  • Custom User Registry classname: FileRegistrySample

You can use also the Special custom settings button to create properties that are specific to your custom registry. All properties set here are provided to your implementation class during run time when the initialize method is called.

For the FileRegistrySample application, two additional properties are needed; they are used for locating the files that make up the registry. Set the usersFile property to the location of the users.props file; set the groupsFile property to the location of the groups.props file. For example, if these files are stored in the C:\temp directory, insert the following custom settings:

  • usersFile -- C:\temp\users.props
  • groupsFile -- C:\temp\groups.props

When the required information has been entered, click the OK button. Restart WebSphere Application Server. When it restarts, the custom registry is in use. The information in the users.props and groups.props files is now the information against which authentication and authorization requests are checked.

You can also use the XMLConfig tool to update the configuration information. When properties are entered using the Special custom settings button on the administrative console, the properties are stored with the prefix Custom_ in the database; this way, the administrative console can distinguish properties associated with the custom registry from other properties. The prefix is stripped off and the rest of the name is passed to the implementation. When using the XMLConfig tool to update the configuration, the string Custom_ must be prefixed to the name of the property as it appears in the administrative console. For example, the usersFile and groupsFile properties described for the sample application must be referred to as Custom_usersFile and Custom_groupsFile if you use the XMLConfig tool to modify them.

Go to previous article: The mapCertificate and checkPassword methods Go to next article: Source code reference

 

 
Go to previous article: The mapCertificate and checkPassword methods Go to next article: Source code reference