Overview

In prior versions, Omni-Gen/Omni-Governance Console supported username authentication and authorization using WSO2_is. The WSO2 repository consisted of a local repository of users and permissions, and groups of users stored in LDAP servers (for example, MS Active Directory). Until now, only user names and authentication requests/responses were obtained by OGC over an LDAP connection. User names which belonged to groups in the enterprise AD, and made available to the Identity Server of OGC, WSO2_IS, each had to be manually re-authorized in WSO2_IS using the WSO2_IS Administration console.

The following sections detail how to configure a WSO2 based LDAP connection and User Store, which eliminates the redundant data entry, and allows the Subject per UserID Authorizations to be obtained from your enterprise LDAP Server (Active Directory).