Identity Repository

The OpenSSO Identity Repository is the module where user identities are managed. It also is used to store configuration information, such as security policies and agent profiles, by the OpenSSO server itself. User information can be persisted in many kinds of data stores, such as a directory server or a data base, and the Identity Repository is the layer of opensso that sits on top of the data stores and allows you to manage the users in your system.

For other resources including the formal documentation set for opensso and some other links, see this link list below.

The user information can be stored in a different data store from the configuration information since user information is often very specific to your applications and environment. When you install opensso.war you can choose among some default provided data stores for both the user information and the system configuration information.

Managing and Accessing Identity Information for Users

The OpenSSO Identity Repository provides many ways to manage and access your user's identity information

OpenSSO provides a couple of Identity Repository implementations out of the box. For example, several implementations are provided to plug in to popular directory servers which might contain your user information. You can fairly easily switch to another data store if you are using one of the Identity Repository implemenations provided by OpenSOO. You can do this through the opensso console UI or ethrough the command line interface (CLI) if desired.

You can manage and access the identity information stored in the repository through several ways. For example, through the opensso CLI commands related to managing identities, through the Indentity Services for REST or WSDL , or through the opensso console UI.

TODO: add a link to a page listing the CLI commands related to creating, deleting, updating a user's attributes, reading etc of identity info such as attributes of a user's profile.

Creating a Custom Identity Repository

In addition to the Identity Repository implementations provided out of the box by OpenSSO, you can create your own custom plugin to any kind of data store. For example, if you wanted to store your user's information in a database such as MySQL or Oracle etc, you could create a plugin
Check out this page for some resoources and tips on creating a plugin for a custom identity repository .

Official Documentation and Links

Here are some links :

• Chapter on Data Stores of OpenSSO 8.0 Administration Guide This in general discusses some details of configuring and using various directory servers as data strores as the identity repositories of opensso.