Can Jazz be used with WAS Liberty configured with a federated user registry?
![]()
honglin (17●3)
| asked Dec 08 '21, 4:58 a.m.
edited Dec 10 '21, 12:37 a.m. by Geoffrey Clemm (30.1k●3●30●35) I have seen some contents in was liberty doc page: https://www.ibm.com/docs/zh/was-liberty/base?topic=authentication-federation-user-registries, it seems that was liberty supports federated user registry.
but I also found that in Jazz interactive installation guide page, after we select the application server to " Bundled IBM WebSphere Liberty profile" , the next user registry type option " Federated file-based realm" is dimed and can not be selected.
Select your application server:
Select your user registry type:
so does the was liberty can really be configured using federated user registry, as LDAP + basic ?
|
Accepted answer
![]()
Ralph Schoon (63.3k●3●36●46)
| answered Dec 08 '21, 5:16 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER edited Dec 08 '21, 5:17 a.m. I googled federated liberty site:jazz.net and found this: https://jazz.net/wiki/bin/view/Deployment/LibertyMultipleUserRegistries selected this answer as the correct answer
Comments thanks, I will try this tomorrow. and i still have a concern about the options in Jazz interactive installation guide page,
since it can be configure using federated user registry, why the option "Federated file-based realm" is dimed?
The interactive installation guide can only cover so many situations. More advanced options require user intervention. understood, but it indeed made confusion to me and wast a lot effot on it refering the guide content in WAS liberty doc page.
Recommend put a hyperlink to the option when the enduser choosing the interactive options.
I tried as follow the instructions page you give. It indeed worked.
But a new question appearing:
after enable the federated mode (basic + ldap) for Jazz, it seems that the basic user can not modify their password from the "View My Profile and LIcenses" menu, so it that supposed to be so? ![]() FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
Yes that's supposed to be so - LDAP is the master/source of their authentication - they'll have to change their password using whatever method their organization uses to change the password in LDAP. then we can only modify user's password from Basic Repository munually modify the basicUserRegistry.xml?
showing 5 of 7
show 2 more comments
|
One other answer
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.