The User Management component of the WSO2 Carbon facilitates the management
and control�of user accounts and user roles at different levels. The key
functionalities of this component include:
Add, modify or remove user accounts
Add, modify or remove user roles
Add, modify or remove external user stores
Figure 1: User Management
Managing User Accounts
Use the Users page to add new user accounts,
modify existing accounts, or delete existing accounts.
Figure 2: Managing Users
In the navigator, under Configure, click User Store.
The User Management page appears.
Click Users in the System User Store
panel. The Users page�appears.
To add a user account, click Add New User. Enter the
user name and password, and click Finish.
To modify a user account, i.e., to change the password of the user,
click Change Password. Enter the new password and
click Change. Please note that you�cannot change the
user name of an existing user.
To delete a user account, click Delete. Please note
that you cannot delete the admin user account from the system.
Managing User Roles
Use the Roles page to add new user roles, modify
existing roles, or delete existing roles.
Figure 3: Roles Management
In the navigator, under Configure, click User
Store. The User Management
page�appears.
Click Roles in the System User Store
panel. The Roles page�appears.
To add a user role,�
Click Add New Role on the
Roles page.
Enter the role name, and optionally, you can select the users who
belong to that role.
Click Next.
Figure 4: Add user role
In step 2, select the permissions you want to assign to the role.
Click Finish.
The role you created will appear in the Roles
panel.
Figure 5: Add user role
You can modify role permissions, and re-assign the users belonging to
particular role, by clicking Edit Permissions, and
Edit Users respectively on the
Roles page..
To delete a role, click Delete on the
Roles page. Please note that you cannot delete
the admin role from the system.
Managing External User Stores
You can plug in an external user store, and use your existing users and
roles in third party user stores.
Note: WSO2 Carbon supports only�one external user store to
be plugged in parallel. However, you can have both the internal user store
and an external user store configured, and the Carbon platform will use both
of them when authenticating and authorizing users. If the same user names and
role names exist in the internal and external user stores, then the internal
user store is given precedence over external user store. Therefore to avoid
conflict it is strongly advised not to have conflicting user and role names.
Figure 6: External User Store
The User Manager supports the following forms of external user stores.
Lightweight Directory Access Protocol (LDAP) based user stores
Active Directory (AD) based user stores
Custom relational database based user stores
With LDAP and AD, you can use the existing authentication systems to control
access to the WSO2 Carbon platform. You can also use your own custom
database, designed to manage users and roles, and plug it into the WSO2
Carbon platform.
In the navigator, under Configure, click User Store.
The User Management page�appears.
Click Add External User Store. The Add
External User Store page appears.
To add a new external user store, specify the store type and all data
related to that store type. Click Finish.
Figure 7: Adding an external user store
To view the external user store, click View External Store
Configuration on the External User
Store page.
To edit or delete the external user store, click Edit
External Store Configuration and Delete External User
Store respectively, on the External User
Store page.
To test the connection with the external user store, click
Test Connection on the External User
Store page.