Follow this topic to manage the realm in a federated repository
configuration.
Before you begin
The realm can consist of identities in:
- The file-based repository that is built into the system
- One or more external repositories
- Both the built-in, file-based repository and in one or more external
repositories
Before you configure your realm, review
Federated repositories limitations.
Procedure
- Configure your realm by using one of the following topics. You might be configuring your realm for the first time or changing
an existing realm configuration.
- Configure supported entity types using the steps described
in Configuring supported entity types in a federated repository configuration. You
must configure supported entity types before you can manage this account
with Users and Groups. The Base entry for the default parent determines
the repository location where entities of the specified type are placed
on a create operation.
- Configure the mapping for user or group attributes
of a user registry to federated repository properties in your realm
using the steps described in Configuring user repository attribute mapping in a federated repository configuration.
- Optional: Under Additional properties,
click the Custom properties link to configure custom properties.
- Optional: Use one or more of the following
tasks to extend the capabilities of storing data and attributes in
your realm:
- Configure an entry mapping repository using the steps
described in Configuring an entry mapping repository in a federated repository configuration. An entry mapping repository is used to store data for managing
profiles on multiple repositories.
- Configure a property extension repository using the
steps described in Configuring a property extension repository in a federated repository configuration. A property extension repository is used to store attributes
that cannot be stored in your Lightweight Directory Access Protocol
(LDAP) server.
- Set up a database repository using wsadmin commands
as described in Setting up an entry mapping repository, a property extension repository, or a custom registry database repository using wsadmin commands
- Optional: Use one or more of the following
advanced user tasks to extend the capabilities of LDAP repositories
in your realm:
- Optional: Manage repositories that are configured
in your system by following the steps described in Managing repositories in a federated repository configuration.
- Optional: Add an external repository into your
realm by following the steps described in Adding an external repository in a federated repository configuration.
- Optional: Change the password for the repository
that is configured under federated repositories by the following steps
described in Changing the password for a repository under a federated repositories configuration.
What to do next
- After configuring the federated repositories, click Security >
Global security to return to the Global security panel. Verify
that Federated repositories is identified in the Current® realm
definition field. If Federated repositories is not identified, select Federated
repositories from the Available realm definitions field and click Set
as current. To verify the federated repositories configuration,
click Apply on the Global security panel. If Federated repositories
is not identified in the Current realm definition field,
your federated repositories configuration is not used by WebSphere® Application Server.
- If you are enabling security, complete the remaining steps as
specified in Enabling security for the realm. As the final step,
validate this setup by clicking Apply in the Global security
panel.
- Save, stop, and restart all the product servers (deployment managers,
nodes, and Application Servers) for changes in this panel to take
effect. If the server comes up without any problems, the setup is
correct.