Setting up a custom identity store using Java

ArcGIS Server can be secured with users and roles from a custom identity store. To do this, ArcGIS Server provides a Java interface that can be extended to define the user and role management functions. Through this capability, any custom identity store that is accessible through Java may be used to configure ArcGIS Server security. For example, a relational database system can be used as a custom identity store through that database's JDBC (Java Database Connectivity) API.

To configure a custom identity store using Java, follow the steps below:

Steps:
  1. Set up a Java development environment.
  2. Implement the identity store in Java.
  3. Deploy the custom identity store to ArcGIS Server.
  4. Configure ArcGIS Server to use the custom identity store.

Set up a Java development environment

Steps:
  1. Install ArcGIS Server on your development environment.
  2. Create a new Java project in a Java IDE of your choice.
  3. Add the following Java libraries to the project's build path:
    1. <ArcGIS Server installation directory>\framework\lib\server\arcgis-admin.jar
    2. <ArcGIS Server installation directory>\framework\lib\server\arcgis-common.jar
  4. Create a new Java class that implements the following interfaces:
    1. com.esri.arcgis.discovery.admin.security.UserStore
    2. com.esri.arcgis.discovery.admin.security.RoleStore
    NoteNote:

    For the Java documentation, see <ArcGIS Server installation directory>\help\samples\java\javadoc\index.html.

Implement the identity store in Java

Implement the methods for the UserStore and RoleStore interfaces. See <ArcGIS Server installation directory>\help\samples\java\CustomFileStore\ for a sample implementation.

Deploy the custom identity store to ArcGIS Server

Steps:
  1. Bundle the custom identity store implementation into a .jar file.
  2. Stop the ArcGIS Server process.
  3. Deploy the custom identity store .jar file and any other additional java libraries to the <ArcGIS Server installation directory>\framework\lib\server\ folder.
  4. Start the ArcGIS Server process.

Configure ArcGIS Server to use the custom identity store

Steps:
  1. Open the ArcGIS Sever Administrator Directory and log in.
  2. Click security > config > updateIdentityStore.
  3. Enter the User Store configuration in JSON format. The syntax is:

    {
    	"type": "JAVA",
    	"class": "Fully qualified Java User Store class name",
    	"properties": {
    		"Property One": "value",
       ....
    		"Property X": "value"
    	}
    }
    

    The type and class parameters are required. The individual store properties are optional and depend on your custom identity store implementation. For example, if the required parameters are hardcoded in your implementation, you do not need to specify any properties:

    {
    	"type": "JAVA",
    	"class": "Fully qualified Java User Store class name",
    	"properties": {}
    }
    

  4. Enter the Role Store configuration in JSON format. The syntax is:

    {
    	"type": "JAVA",
    	"class": "Fully qualified Java Role Store class name",
    	"properties": {
    		"Property One": "value",
       ....
    		"Property X": "value"
    	}
    }
    

  5. Click update to save your configuration.
12/18/2014