Skip To Content

User Store

The user store or the identity store is a repository of user accounts and credentials. ArcGIS Server connects to the user store to authenticate a user requesting access to a resource.

In addition to connecting to your enterprise user store such asWindows Domain or any other directory service that supports an LDAP interface, ArcGIS Server also ships with a built-in storage mechanism where you can create your user accounts.

ArcGIS Server requires you to configure a user store while setting up security on your site.

Response properties

LDAP PropertiesDetails
ldapURLForUsers

The LDAP URL pointing to the user accounts.

Example

ldap://server:389/dc=mydomain,dc=com???(|(objectClass=userProxy)(objectClass=user))?
memberOfAttributeInUsers

The attribute of the user entry that contains role information.

Example

memberOf
usernameAttribute

The attribute of the user entry that is to be treated as the username.

Example

name
adminUser

The administrative account to the LDAP that has at least read access.

Example

cn=admin,cn=users,dc=mydomain,dc=com
adminUserPassword

The credentials for the administrative account.

Example

secret

WINDOWS PropertiesDetails
adminUser

The administrative account to the LDAP that has at least read access.

Example

cn=admin,cn=users,dc=mydomain,dc=com
adminUserPassword

The credentials for the administrative account.

Example

secret

CUSTOM PropertiesDetails
class

The fully qualified name of the Java class that implements custom access to the user store.

Example

com.myorg.userstore.DBUserStore
...

Any custom properties that are required by your class.

JSON Response syntax


{
  "type": "<BUILTIN | WINDOWS | LDAP | CUSTOM>",
  "properties": "<properties>"
}

JSON Response example

The JSON representation of a connection to LDAP:


{
  "type": "LDAP",
  "properties": {
    "userPassword": "secret",
    "isPasswordEncrypted": "false",
    "user": "uid=admin,ou=system",
    "userFullnameAttribute": "displayName",
    "userGivenNameAttribute": "givenName",
    "userSurnameAttribute": "sn",
    "ldapURLForUsers": "ldap://ldapserver:10636/ou=users,ou=ags,dc=example,dc=com",
    "userEmailAttribute": "mail",
    "usernameAttribute": "uid",
    "caseSensitive": "false",
    "userSearchAttribute": "dn", 
  }
}

The JSON representation of a connection to Windows Domain users:


{
  "type": "WINDOWS",
  "properties": {
    "userPassword": "secret",
    "isPasswordEncrypted": "false",
    "user": "mydomain\\winaccount",
    "userFullnameAttribute": "displayName",
    "userEmailAttribute": "mail",
    "userGivenNameAttribute": "givenName",
    "userSurnameAttribute": "sn",
    "caseSensitive": "false"
  }
}