| FRAMES | NO FRAMES | Description | Properties | Example |
The user store or the identity store is a repository of user accounts and credentials. ArcGIS Server connects to the
user store to authenticate a user requesting access to a resource.
In addition to connecting to your enterprise user store such as Windows Domain or any other
directory service that supports an LDAP interface, ArcGIS Server also ships with a built-in
storage mechanism where you can create your user accounts.
ArcGIS Server requires you to configure a user store while setting up security
on your site. The user store configuration is represented in JSON format as follows:
{
"type": "<BUILTIN | WINDOWS | LDAP | CUSTOM>",
"properties": <properties>
}
| BUILTIN Properties | Description |
|---|---|
| n/a | n/a |
| LDAP Properties | Description |
| ldapURLForUsers | The LDAP URL pointing to the user accounts Example: ldap://server:389/dc=mydomain,dc=com???(|(objectClass=userProxy)(objectClass=user))? |
| memberOfAttributeInUsers | The attribute of the user entry that contains role information Example: memberOf |
| usernameAttribute | The attribute of the user entry that is to be treated as the username Example: name |
| adminUser | The administrative account to the LDAP that has at least read access Example: cn=admin,cn=users,dc=mydomain,dc=com |
| adminUserPassword | The credentials for the administrative account Example: secret |
| WINDOWS Properties | Description |
| adminUser | The administrative account to the LDAP that has at least read access Example: cn=admin,cn=users,dc=mydomain,dc=com |
| adminUserPassword | The credentials for the administrative account Example: secret |
| CUSTOM Properties | Description |
| class | The fully qualified name of the Java class that implements custom access
to the user store. Example: com.myorg.userstore.DBUserStore |
| ... | Any custom properties that are required by your class. |
The JSON representation of a connection to LDAP:
{
"type": "LDAP",
"properties": {
"ldapURLForUsers": "ldap://server:389/dc=mydomain,dc=com???(|(objectClass=user))?",
"usernameAttribute": "name",
"adminUser": "cn=admin,cn=users,dc=mydomain,dc=com",
"adminUserPassword": "secret"
}
}
The JSON representation of a connection to Windows Domain users:
{
"type": "WINDOWS",
"properties": {
"adminUser": "ourdomain\\myreadonlyaccount",
"adminUserPassword": "secret"
}
}