Features

The following outline lists virtual member manager features categorized into their major functional areas.

  • A single model for managing organizational entities. Currently most WebSphere applications have their own models and components for managing organizational entities, and they provide different levels of security. Most applications are dependent on specific types and brands of repositories, assume a specific schema for the data in those repositories, and are not able to use repositories with existing data. Virtual member manager helps these applications by providing them a common model, secure access to various brands and types of repositories, and the ability to use repositories with existing data. The single model includes a set of organizational entity types and their properties, a repository-independent API and an SPI for plugging in repositories. XPath is chosen as the search language in the API and SPI.

    The single model also allows virtual member manager applications to share data for organizational entities and decrease the number of repositories a customer has to manage.

  • The ability to use new and existing repositories, that is, enterprise directories, for both read-only and read-write operations.
  • A file-based registry used for default WebSphere Application Server security. The file-based registry can be used by approximately 1000 users and 50 groups. However, the number of groups defined and the number of users per group affect the performance of searching for the group membership of a user. Users and groups can be added to the file using the virtual member manager API, the WebSphere Application Server User and Group Administration Portlet, or the wsadmin command for the virtual member manager API. The file-based registry also supports a local mode wsadmin command that allows a password to be reset in the file. The local mode can be used during WebSphere Application Server installation, before any WebSphere Application Servers are running. The file-based registry can be used to contain any user IDs needed by the WebSphere Application Server during initialization. These server user IDs can be used for the default WebSphere Application Server security.
  • The ability to use a property extension repository for storing data that cannot be stored in existing repositories. Virtual member manager performs a property-level join between the property extension repository and a main profile repository, transparent to the calling applications.
  • The ability to use multiple repositories simultaneously (entry-level join) to support the following requirements:
    • An existing repository used by virtual member manager that cannot provide all the functions needed to support virtual member manager applications, for example, the repository cannot store certain entities because it is read-only
    • Virtual member manager runs in a customer environment in which multiple repositories are used for storing data for organizational entities. Virtual member manager is able to use multiple repositories simultaneously by either performing basic integration itself or by using a product such as the Tivoli® Directory Integrator or the WebSphere Information Integrator.
  • Limited transactional support when a mixture of non-transactional and transactional repositories is used.
    Note: No transactional support is provided when a non-transactional repository is used.
  • Isolation of user population for virtual member manager applications, enabling them to perform operations that are scoped to only a subset of the data in the repositories.
  • The ability to access repositories that are used for management purposes but are not used by the WebSphere Application Server for security.
  • Compatibility and integration with the WebSphere Application Server using the WebSphere Application Server User Registry.
    • By enabling customers to use virtual member manager with a WebSphere Application Server out-of-the-box User Registry adapter or custom User Registry adapter.
  • Compatibility and migration from member manager 5.1. Member manager 5.1 is an IBM internal component shipped with a number of IBM products (for example, WebSphere Portal Server). Because member manager 5.1 was not shipped with WebSphere Application Server, only customers who are using IBM products that embed member manager 5.1 need to migrate from member manager 5.1 to virtual member manager in WebSphere Application Server 6.1, when the IBM products migrate to WebSphere Application Server 6.1. Migration instructions are provided in the WebSphere Application Server migration information.
Virtual member manager enables Tivoli Security products to leverage the common profile data utilized by IBM® WebSphere Application Server applications to provide additional value-add functions, such as:
  • life cycle management of the WebSphere Application Server application users
  • provisioning of non-WebSphere Application Server application identities
  • consolidated management of enterprise access control
  • the monitoring and enforcement of privacy policies that apply to user profiles
  • integration of profile changes into the Tivoli audits and reports.