Secondary Custom UserStore using JDBCUserStoreManager in WSO2 IS 5.9 - wso2

Need to create a secondary custom UserStore using JDBCUserStoreManager. I have a usertable with username and password as columns.
I need to configure the datasource and then a custom Userstore Manager class, and using the username and password from the usertable I should be able to log in to WSO2 IS 5.9.
Thanks,
Subhash

You can follow this doc to write a custom userstore manager.
You have to extend the JDBCUserStoreManager class and override the methods.
Then you can build the source code and deploy the artifact into the dropins folder as mentioned in the doc.
When you are configuring the secondary userstore manager, you can point to the custom userstore manager. Please follow these two docs (doc1, doc2) to configure secondary userstores.

Related

new created user claims are not recuperated from apimanagement database

I am using wso2 apimanager and I am creating new user claims via the carbon interface.
The claims are added on the database api manager IDN tables but not on the user management database.
I have 2 different key managers; only one of them is able to recuperate claims from the AM database.
The 2 key managers have the same user-mgt configuration and master datasource configuration.
My question is why one is able to recuperate claims and not the other and also why claims are stored on the api management database and not the user management database.

How to migrate base password user from Gigya to WSO2 IS

Should passwords be decrypted in gigya and imported into wso2 is to encrypt new ones? The risk is to drag passwords in the clear.
Should we extract the passwords with the hash and import them as such in WSO2 IS?
Are there other methods knowing that the base to migrate from Gigya to WSO2 IS about 3 million customers?
The easiest and best option to migrate users from Gigya is run time user migration to the WSO2 userstore.
For that you can do the following:
Plug the Gigya userstore in as a secondary userstore in WSO2 Identity Server.
Let the PRIMARY userstore be the userstore where the Gigya users should be migrated.
Write a custom userstore, which will first check whether the user is available in the PRIMARY userstore and, if so, authenticate from the PRIMARY userstore.
If the user is not available in PRIMARY, authenticate the user from the secondary userstore and, if the user is successfully authenticated, create the same user in the PRIMARY userstore.
We can use this custom userstore and the secondary userstore till all the users are migrated to the PRIMARY userstore of WSO2 Identity Server. Once all is done we can remove the secondary userstore as well as the custom userstore.
Step three of my blog explains this : https://medium.com/#gdrdabarera/user-migration-to-wso2-identity-server-is-simple-and-easy-now-da7ac7052d31
Moreover, if you need help you can post your questions in our Slack channel, so our developers can help you ASAP.
https://join.slack.com/t/wso2is/shared_invite/enQtNzk0MTI1OTg5NjM1LTllODZiMTYzMmY0YzljYjdhZGExZWVkZDUxOWVjZDJkZGIzNTE1NDllYWFhM2MyOGFjMDlkYzJjODJhOWQ4YjE
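The login-time migration flow described in the answer above, as an added example that is not part of the original answer or of WSO2's code. `Store` and `login` are hypothetical names modelling the two userstores in memory (no WSO2 API is used), and the account and passwords are constructed sample values.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public class MigrateOnLogin {
    /** Hypothetical in-memory user store (not a WSO2 class): keeps only salt + PBKDF2 hash. */
    static class Store {
        private final Map<String, byte[][]> users = new HashMap<>();

        static byte[] hash(char[] pw, byte[] salt) throws GeneralSecurityException {
            PBEKeySpec spec = new PBEKeySpec(pw, salt, 100_000, 256);
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
        }
        boolean exists(String user) { return users.containsKey(user); }
        void addUser(String user, char[] pw) throws GeneralSecurityException {
            byte[] salt = new byte[16];
            new SecureRandom().nextBytes(salt);
            users.put(user, new byte[][] {salt, hash(pw, salt)});
        }
        boolean authenticate(String user, char[] pw) throws GeneralSecurityException {
            byte[][] rec = users.get(user);
            // Constant-time comparison of the stored hash with the candidate hash.
            return rec != null && MessageDigest.isEqual(rec[1], hash(pw, rec[0]));
        }
    }

    /** PRIMARY is authoritative once the user exists there; the legacy store is only a fallback. */
    static boolean login(Store primary, Store legacy, String user, char[] pw)
            throws GeneralSecurityException {
        if (primary.exists(user)) return primary.authenticate(user, pw); // no fallback once migrated
        if (!legacy.authenticate(user, pw)) return false;  // failed logins create nothing in PRIMARY
        primary.addUser(user, pw);   // re-hashed by PRIMARY at login time; no clear-text export
        return true;
    }

    public static void main(String[] args) throws GeneralSecurityException {
        Store primary = new Store(), legacy = new Store();
        char[] good = "s3cret-constructed".toCharArray();       // constructed sample password
        legacy.addUser("alice", good);                           // constructed sample account
        System.out.println(login(primary, legacy, "alice", "wrong".toCharArray()) + " " + primary.exists("alice"));
        System.out.println(login(primary, legacy, "alice", good) + " " + primary.exists("alice"));
        legacy.addUser("alice", "old-legacy-pw".toCharArray());  // legacy record diverges after migration
        System.out.println(login(primary, legacy, "alice", "old-legacy-pw".toCharArray()));
    }
}
```

Checking PRIMARY first and never falling back for a migrated user is what keeps a stale legacy credential from working after the account has moved.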

WSO2 IS 5.2.0 change super administrator account

We are using WSO2 IS 5.2.0
We have integrated it with AD/LDAP (using LDAPUserStoreManager). We had userA from AD as our super administrator. Using this user we have registered all our apps under “Service Providers”.
Now because of some organisation changes we have to connect to different LDAP server for user authentication. We have changed the LDAP configuration manually in the user-mgt.xml file to point to new AD/LDAP server and userB from new LDAP is our new super admin.
Problem: We are not able to see the list of APPs that we had registered under “Service Providers” when we login as “userB”.
Question: how can we transfer the list of apps (ownership) to the new administrator?
We tried to update SP_APP table from backend but it is still not solving the problem.
(e.g. update SP_APP set username='userB' where APP_NAME='TestApp';)
Can someone please help us to know how can we transfer the list of apps under service provider so that it will be visible to new administrator?
When you create a Service Provider (SP), a role is created with it. If the name of the SP is "SomeName", the role created is "Application/SomeName". Users with this particular role can see (and do any operation on) that particular application.
So you need to assign these roles to the new admin user (or any other user that needs to see the application) to make the applications visible to the new admin user.
See more information about creating service providers in WSO2 Identity Server in https://docs.wso2.com/display/IS541/Adding+and+Configuring+a+Service+Provider#AddingandConfiguringaServiceProvider-Addingaserviceprovider

Deploying a custom Password Policy file for WSO2 Identity Server

The documentation on how to create a custom password policy (https://docs.wso2.org/display/IS460/Password+Policies) is lacking details about how to deploy the custom password policy.
Does anyone here have any information about how to deploy the custom code?
As @AdrianMitev mentioned, you have to write a Java class to enforce the new custom Password Policy.
Create the new class as mentioned in the doc.
Build a jar.
Copy it into the <IS_HOME>/repository/components/libs/ folder.
Then update the configuration file as mentioned in the doc.
HTH,
DarRay

WSO2 IS cannot add new profile from User Profile Management

When I go to "My Identity -> My Profiles", it does not give me the option to Add New Profile (as seen on the documentation for User Profile Management), but I can only edit the default profile.
I am using an external MySQL server as the JDBC user store, and creation and editing of users works fine.
I did not find any parameter in the xml files to enable this multiple profile feature. How should I proceed?
Thanks.
Yes. I also find the same. Adding multiple profiles for a user has been removed from the UI. But with the JDBC user store, I guess, we can add this using the web service API. Following is the API:
https://{ip}:{port}/services/UserProfileMgtService?wsdl