Configuring a user registry in Liberty

You can store user and group information for authentication in several types of registries.

Before you begin

You can configure user and group information for authentication in several types of registries.

A basic user registry
One or more LDAP registries (Operations are executed on all the configured registries.)
A custom user registry

Note: Unlike traditional WebSphere® Application Server, Liberty DOES NOT support Windows, AIX®, Linux®, or Windows local user registries.

About this task

Changing the user registry can affect both the server configuration and clients using the server. Before you change the user registry without restarting the server, consider the following points:

If you change the user registry type or realm name, all web clients must clear their single sign-on tokens.
If you change the user registry type or realm name, any values of accessId that are specified in the authorization bindings must be updated. The accessId takes the form of user:realmName/uniqueId or group:realmName/uniqueId. The realmName in the accessId must match the realmName for the configuration user registry.