This topic applies to WebSphere Application Server Liberty V8.5.5.9 and earlier. For the latest Liberty topics, see the WebSphere Application Server Liberty documentation.
User Registry Federation (federatedRepository)
Configuration for the user registry federation.
Attribute name | Data type | Default value | Description |
---|---|---|---|
id | string | A unique configuration ID. | |
maxSearchResults | int | 4500 | Maximum number of entries that can be returned in a search. |
pageCacheSize | int | 1000 | Defines the number of pagination requests that can be stored in the cache. The paging cache size needs to be configured based on the number of pagination requests executed on the system and the hardware system resources available. |
pageCacheTimeout | A period of time with millisecond precision | 30000ms | Defines the maximum time that an entry, which added to the page cache, is available. When the specified time has elapsed, the entry from the page cache is cleared. This needs to be configured based on the interval between pagination search requests executed on the system and the hardware system resources available. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds. |
searchTimeout | A period of time with millisecond precision | 10m | Maximum amount of time, in milliseconds, to process a search. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds. |
- extendedProperty
Description: The extended properties for Person and Group.Required: falseData type: Attribute name Data type Default value Description dataType - Double
- Long
- Date
- String
- BigDecimal
- BigInteger
- Boolean
- Integer
Defines the data type of the property extended for Person and Group. The basic Java data types are supported. - Double
- Double
- Long
- Long
- Date
- Date
- String
- String
- BigDecimal
- BigDecimal
- BigInteger
- BigInteger
- Boolean
- Boolean
- Integer
- Integer
defaultValue string Defines the default value for the property during write operation, if no default value is set. entityType - PersonAccount
- Group
The name of the entity being mapped. The name of the entity can be PersonAccount or Group. - PersonAccount
- Person
- Group
- Group
id string A unique configuration ID. multiValued boolean false Defines if the property extended for Person and Group supports multiple values. name string Defines the name of the property extended for Person and Group.
- primaryRealm
Description: Primary realm configuration.Required: falseData type: Attribute name Data type Default value Description allowOpIfRepoDown boolean false Specifies whether operation is allowed if a repository is down. The default value is false. delimiter string / Delimiter used to qualify the realm under which the operation should be executed. For example, userid=test1/myrealm where / is the delimiter and myrealm is the realm name. name string Name of the realm. - primaryRealm > defaultParents
Description: The default parent mapping for the realm.Required: falseData type: Attribute name Data type Default value Description name string The name of the entity being mapped. The name of the entity can be PersonAccount or Group. parentUniqueName string The distinguished name under Base distinguished name (DN) in the repository under which all entities of the configured type will be created.
- primaryRealm > groupDisplayNameMapping
Description: The input and output property mappings for group display name in an user registry operation.Required: falseData type: Attribute name Data type Default value Description inputProperty string cn The property that maps to the user registry attribute for input. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types. outputProperty string cn The property that maps to the user registry attribute for output. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types.
- primaryRealm > groupSecurityNameMapping
Description: The input and output property mappings for group security name in an user registry operation.Required: falseData type: Attribute name Data type Default value Description inputProperty string cn The property that maps to the user registry attribute for input. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types. outputProperty string cn The property that maps to the user registry attribute for output. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types.
- primaryRealm > participatingBaseEntry
Description: The Base Entry that is part of this realm.Required: falseData type: Attribute name Data type Default value Description id string A unique configuration ID. name string Name of the base entry.
- primaryRealm > uniqueGroupIdMapping
Description: The input and output property mappings for unique group id in an user registry operation.Required: falseData type: Attribute name Data type Default value Description inputProperty string cn The property that maps to the user registry attribute for input. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types. outputProperty string uniqueName The property that maps to the user registry attribute for output. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types.
- primaryRealm > uniqueUserIdMapping
Description: The input and output property mappings for unique user id used in an user registry operation.Required: falseData type: Attribute name Data type Default value Description inputProperty string uniqueName The property that maps to the user registry attribute for input. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types. outputProperty string uniqueName The property that maps to the user registry attribute for output. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types.
- primaryRealm > userDisplayNameMapping
Description: The input and output property mappings for user display name in an user registry operation.Required: falseData type: Attribute name Data type Default value Description inputProperty string principalName The property that maps to the user registry attribute for input. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types. outputProperty string principalName The property that maps to the user registry attribute for output. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types.
- primaryRealm > userSecurityNameMapping
Description: The input and output property mappings for user security name in an user registry operation.Required: falseData type: Attribute name Data type Default value Description inputProperty string principalName The property that maps to the user registry attribute for input. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types. outputProperty string uniqueName The property that maps to the user registry attribute for output. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types.
- realm
Description: Reference to the realm.Required: falseData type: Attribute name Data type Default value Description allowOpIfRepoDown boolean false Specifies whether operation is allowed if a repository is down. The default value is false. delimiter string / Delimiter used to qualify the realm under which the operation should be executed. For example, userid=test1/myrealm where / is the delimiter and myrealm is the realm name. id string A unique configuration ID. name string Name of the realm. - realm > defaultParents
Description: The default parent mapping for the realm.Required: falseData type: Attribute name Data type Default value Description name string The name of the entity being mapped. The name of the entity can be PersonAccount or Group. parentUniqueName string The distinguished name under Base distinguished name (DN) in the repository under which all entities of the configured type will be created.
- realm > groupDisplayNameMapping
Description: The input and output property mappings for group display name in an user registry operation.Required: falseData type: Attribute name Data type Default value Description inputProperty string cn The property that maps to the user registry attribute for input. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types. outputProperty string cn The property that maps to the user registry attribute for output. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types.
- realm > groupSecurityNameMapping
Description: The input and output property mappings for group security name in an user registry operation.Required: falseData type: Attribute name Data type Default value Description inputProperty string cn The property that maps to the user registry attribute for input. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types. outputProperty string cn The property that maps to the user registry attribute for output. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types.
- realm > participatingBaseEntry
Description: The Base Entry that is part of this realm.Required: falseData type: Attribute name Data type Default value Description id string A unique configuration ID. name string Name of the base entry.
- realm > uniqueGroupIdMapping
Description: The input and output property mappings for unique group id in an user registry operation.Required: falseData type: Attribute name Data type Default value Description inputProperty string cn The property that maps to the user registry attribute for input. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types. outputProperty string uniqueName The property that maps to the user registry attribute for output. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types.
- realm > uniqueUserIdMapping
Description: The input and output property mappings for unique user id used in an user registry operation.Required: falseData type: Attribute name Data type Default value Description inputProperty string uniqueName The property that maps to the user registry attribute for input. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types. outputProperty string uniqueName The property that maps to the user registry attribute for output. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types.
- realm > userDisplayNameMapping
Description: The input and output property mappings for user display name in an user registry operation.Required: falseData type: Attribute name Data type Default value Description inputProperty string principalName The property that maps to the user registry attribute for input. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types. outputProperty string principalName The property that maps to the user registry attribute for output. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types.
- realm > userSecurityNameMapping
Description: The input and output property mappings for user security name in an user registry operation.Required: falseData type: Attribute name Data type Default value Description inputProperty string principalName The property that maps to the user registry attribute for input. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types. outputProperty string uniqueName The property that maps to the user registry attribute for output. The valid values are: uniqueId, uniqueName, externalId, externalName and the attributes of PersonAccount and Group entity types.
- supportedEntityType
Description: The default parent for an entity type mapping.Required: falseData type: Attribute name Data type Default value Description id string A unique configuration ID.