Configuring IBM virtual member manager

You can configure IBM® virtual member manager to be the directory service for FileNet® P8 .

A directory service provider, called VMM Provider, is implemented to retrieve users and groups from virtual member manager repositories. VMM Provider is used only with WebSphere Application Server version 7.0 or above that is configured for Federated Repositories.

Virtual member manager is a system component of WebSphere® Application Server. It performs Java™ Authentication and Authorization Service (JAAS) authentication by WebSphere Federated Repository, which is a type of WebSphere Application Server login module. Virtual member manager repositories are therefore the same as WebSphere federated repositories. In addition to serving as a WebSphere Application Server authentication provider, virtual member manager is also treated by Content Platform Engine as a virtual directory service. When you use WebSphere Application Server as the hosting application server, you can configure Content Platform Engine to retrieve users and groups from virtual member manager for the purposes of authorization.

A schematic representation of virtual member manager.

Virtual member manager provides the following benefits:
  • Support for heterogeneous directory services, such as both Active Directory and IBM Security Directory Server.
  • Support for heterogeneous repositories, such as LDAP repositories and file repositories.
Important: The virtual member manager system provides support specifically for users who need to support heterogeneous LDAP environments. In a typical LDAP environment where you have only a single LDAP provider, it is more optimal to set up a Content Platform Engine directory configuration for that specific LDAP provider. Additionally, configuring a typical LDAP environment using VMM configuration can cause unnecessary performance overhead and can complicate the transition to a container implementation.

Not all virtual member manager repositories support server-side sorting. To keep the behavior the same across repositories, VMM Provider does not retrieve the entire search result set; it retrieves only the first N principals from virtual member manager repositories for Principal Search. The value of N is defined by the page size of findUsers() or findGroups() method in the Content Platform Engine Realm class. VMM Provider returns only the first page of search result for Principal Search.