Managing User Information with the Common Directory Service API
My webMethods Server provides several directory service options for managing users and groups:
My webMethods system directory. This is an internal
My webMethods Server user directory, available by default in all installations of
My webMethods Server. You can access information in this directory server using the
My webMethods user interface and the Common Directory Services (CDS) API. Both read and write access are available.
LDAP (Lightweight Directory Access Protocol).
My webMethods enables you to define one or more external LDAP user directories. For a list of supported directory server products, see
System Requirements for Software AG Products. You can access information in this directory server using the
My webMethods user interface and the CDS API. Only read access is available.
Database.
My webMethods Server also enables you to authenticate users against a database directory, which is a set of RDBMS tables and an SQL configuration to access these tables. You can implement a custom authentication module to extend authentication against a database directory. You can access information in this directory server using the
My webMethods user interface and the CDS API. Only read access is available.
My webMethods Server and applications and services running within it can access the user information contained in these directories, and you can configure external applications and services that have access to My webMethods Server to use this data.
In addition to working with users and groups in a directory service, you can access and maintain role information, which is maintained separately in the My webMethods Server database.
For example, you can:
Configure other suite applications, such as
webMethods Integration Server, to authenticate users from any of the above user directory options instead of from a user directory unique to
Integration Server.
Configure a process step in a business process to call a Java service to obtain user attributes from the directory service or role membership from the
My webMethods Server database, and pass that data into the process pipeline.
Configure a Java service to assign a user to a role programmatically.
The CDS API offers support for the following:
Search and discovery of users, groups, and roles.
Support for LDAP search controls for large directories.
Create and update users and groups in the system directory. All other external directories are read-only.
Delete users and groups from the system directory.
Create, update, and delete roles in
My webMethods Server.
Read custom attributes from LDAP and database directories.
Read and write custom profile attributes for users, groups, and roles (that is, attributes which are not managed by external directories).
For information about the Common Directory Services API, see the com.webmethods.sc.directory and com.webmethods.sc.mws packages in the webMethods CAF and My webMethods Server Java API Reference.