Properties used in JDBC user store manager
Following are the properties that can be configured in JDBC user store manager.
Property Id | Primary user store Property | Secondary user store Property | Description |
---|---|---|---|
ReadGroups | read_groups | ReadGroups | When ReadGroups is set to false , it indicates whether groups should be read from the user store. If this is disabled, none of the groups in the user store can be read, and the following group configurations are NOT mandatory: GroupSearchBase, GroupNameListFilter, or GroupNameAttribute.Default : true |
WriteGroups | write_groups | WriteGroups | Indicates whether groups should be written to the user store Default : true |
PasswordHashMethod | password_hash_method | Password Hashing Algorithm | Specifies the Password Hashing Algorithm used to hash the password before storing it in the user store If you just enter the value `SHA`, it will be considered as `SHA-1`. It is always better to configure an algorithm with a higher bit value so that the digest bit size would be increased.
|
UsernameJavaRegEx | username_java_regex | UsernameJavaRegEx | This is the regular expression used by the back-end components for username validation. By default, strings with non-empty characters having a length of 3 to 30 are allowed. You can provide ranges of alphabets, numbers, and ASCII values in the RegEx properties. Default: ^[\S]{3,30}$ |
UsernameJava ScriptRegEx |
username_java_ script_regex |
UsernameJavaScriptRegEx | The regular expression used by the front-end components for username validation
Default: ^[\S]{3,30}$ |
UsernameJavaReg ExViolationErrorMsg |
username_java_reg _ex_violation_error_msg |
Username RegEx Violation Error Message | Error message when the username does not match with username_java_regex
Default: Username pattern policy violated |
PasswordJavaRegEx | password_java_regex | Password RegEx (Java) | This is the regular expression used by the back-end components for password validation. By default, strings with non-empty characters having a length of 5 to 30 are allowed. You can provide ranges of alphabets, numbers, and ASCII values in the RegEx properties. Default: ^[\S]{5,30}$ |
PasswordJava ScriptRegEx |
password_java_ script_regex |
Password RegEx (Javascript) | The regular expression used by the front-end components for password validation Default: ^[\S]{5,30}$ |
PasswordJavaReg ExViolationErrorMsg |
password_java_reg ex_violation_error_msg |
Password RegEx Violation Error Message | Error message when the Password is not matched with passwordJavaRegEx Default: The password length should be within 5 to 30 characters. |
RolenameJavaRegEx | rolename_java_regex | Role Name RegEx (Java) | This is the regular expression used by the back-end components for role name validation. By default, strings with non-empty characters having a length of 3 to 30 are allowed. You can provide ranges of alphabets, numbers, and ASCII values in the RegEx properties. Default: [a-zA-Z0-9._-|//]{3,30}$ |
MultiAttribute Separator |
multi_attribute _separator |
Multiple Attribute Separator | This property is used to define a character to separate multiple attributes. This ensures that it will not appear as part of a claim value. Normally “,” is used to separate multiple attributes, but you can define ",,," or "..." or a similar character sequence. Default: “,” |
MaxUserName ListLength |
max_user_name_ list_length |
Maximum User List Length | This controls the number of users listed in the user store of WSO2 Identity Server. This is useful when you have a large number of users and do not want to list them all. Setting this property to 0 displays all users. (Default: 100) In some user stores, there are policies to limit the number of records that can be returned from a query. By setting the value to 0, it will list the maximum results returned by the user store. If you need to increase this number, you need to set it in the user store level. Eg: Active directory has the MaxPageSize property with the default value of 100. |
MaxRoleName ListLength |
max_role_name_ list_length |
Maximum Role List Length | This controls the number of roles listed in the user store of WSO2 Identity Server. This is useful when you have a large number of roles and do not want to list them all. Setting this property to 0 displays all roles. (Default: 100) In some user stores, there are policies to limit the number of records that can be returned from a query. By setting the value to 0, it will list the maximum results returned by the user store. If you need to increase this number, you need to set it in the user store level. Eg: Active directory has the MaxPageSize property with the default value of 1000. |
UserRolesCacheEnabled | user_roles_cache_enabled | Enable User Role Cache | This is to indicate whether to cache the role list of a user. (Default: true) Possible values: false: Set it to false if the user roles are changed by external means and those changes should instantly reflect in the Carbon instance. |
CaseInsensitiveUsername | properties.CaseInsensitiveUsername | Case Insensitive Username | This enables the case insensitivity of the user's username. Default value is true for this configuration.
Eg: If a user's username is test , that user can also use the username as TEST .
|
CaseInsensitiveAttributes | properties.CaseInsensitiveAttributes | Case Insensitive Attributes | This is a comma-separated list of case insensitive attributes that are maintained in the user store. Default: not configured |