Bootstrap FreeKB - IBM WebSphere - User Accounts Repository - configure a federated repository
IBM WebSphere - User Accounts Repository - configure a federated repository
Updated:   |  IBM WebSphere articles

A federated repository is a system that contains a registry of users (eg. username, password, et cetera). This type of repository is called "federated" because the repository can be configured to get user accounts from multiple different systems:

  • LDAP
  • The fileRegistry.xml file on your WebSphere server
  • Operating System
  • SQL Database

Note that you cannot setup a SQL database repository using the WebSphere admin console. Instead, wsadmin must be used to setup a SQL database repository.

 

Security Configuration Wizard​

When using the WebSphere admin console, you can use the Security Configuration Wizard to create the Federated Repository, or you can manually configure the Federated Repository. Follow these steps to create the Federated Repository using the Security Configuration Wizard.

  1. In the WebSphere admin console, select Security Global Security.
  2. Select Security Configuration Wizard.
  3. At Step 1, you can optionally enable Application Security and Java 2 Security. If you enable these options, security constraints will be applied to the applications deployed to WebSphere. Select Next.
  4. Select Federated Repositories and select Next.
  5. Enter a username and password for the primary administrative user and select Next
  6. Select Finish.
  7. Select Save.

Now, in the User account repository section of the Global Security page, Federated repositories will be selected. The deployment manager will need to be restarted for this change to take effect, so that you can authenticate against the Federated Repository.

 

When setting up the Federated Repository using the Security Configuration Wizard, the Federated Repository will be configured to obtain user accounts from the ${was_install_root}/profiles/your_profile/config/cells/your_cell/fileRegistry.xml file on the WebSphere server. Selecting the Federated Repository will show "defaultWIMFileBasedRealm" and "InternalFileRepository".

 

Manually configure the Federated Repository

To manually configure a Federated Repository, at Security Global Security, select Configure.

 

Give the Federeted Repository a realm name, and a username for the primary administrative user account.

 

Add one or more repositories. In this example, the repository that is a file on the server is added to the Federated Respository.

 

Using wsadmin

The following wsadmin command will display the current type of repository being used.

wsadmin> AdminTask.listIdMgrRepositories()
'{InternalFileRepository={repositoryType=File, host=LocalHost}}'

 

If you would like, you can configure the federated repository to obtain credentials from other sources, such as from LDAP.

Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee


Comments


Add a Comment


Please enter e3c164 in the box below so that we can be sure you are a human.