Framework for External User Data Sources

The basic User Data Sources framework allows importing user data from existing databases, as well as from LDAP and AD.

The implementation is not available through the Admin GUI, and the information in this section is intended for EJBCA developers.

A custom userdatasource has two extra fields of data:

  • The first one is a set of CA ids that the userdatasource is applicable to. The set can contain the constant BaseUserDataSource.ANY_CA.

  • The second is a set of fields instructing the RA interface GUI which fields should be modifiable by the RA, and which should be fixed. Note that there is no connection between the user data source isModifyable data and the end entity profile isModifyable data. The user data source only instructs the RA GUI; when the userdata is added, it will be matched against the end entity profile, and it is the data in the end entity profile that really counts.

To implement a custom user data source, do the following:

  1. Create a class implementing the interface org.ejbca.core.model.ra.userdatasource.ICustomUserDataSource containing the methods: init(), fetch() and testConnection().
    See org.ejbca.core.model.ra.userdatasource.DummyCustomUserDataSource for an example implementation.

  2. Create a JAR file containing the class and deploy it to the application server.

  3. Make the user data source available to EJBCA by adding a user data source: choose Custom user data source as the type and enter its classpath and properties (using the same semantics as a regular Java property file).

  4. It is now possible to fetch userdata from the user data source from custom-implemented web pages using the UserDataSourceSessionBean.fetch(AuthenticationToken admin, Collection<Integer> userdatasourceids, String searchstring) method.
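
An added sketch, not taken from the EJBCA code base, of steps 1 and 3 for an LDAP-backed source: init() reads settings given in Java property file syntax, and fetch() escapes the search string before placing it in an LDAP filter. The nested interface is a simplified stand-in for ICustomUserDataSource, and the class names, property names and host are assumptions made for this example.

```java
import java.io.IOException;
import java.io.StringReader;
import java.util.Properties;

// Added sketch, not EJBCA code. SourceSketch is a hypothetical, simplified stand-in for
// ICustomUserDataSource; take the real signatures from DummyCustomUserDataSource.
public class LdapUserDataSourceSketch {
    interface SourceSketch {
        void init(Properties properties);
        String fetch(String searchstring);   // sketch: returns the filter it would send
        void testConnection() throws IOException;
    }

    static class LdapSource implements SourceSketch {
        private String url;
        private String filterTemplate;

        @Override public void init(Properties p) {
            url = p.getProperty("ldap.url");                        // assumed property name
            filterTemplate = p.getProperty("ldap.filter", "(uid=%s)"); // assumed property name
        }
        @Override public String fetch(String searchstring) {
            // The search string arrives from a web page: escape it (RFC 4515) so it
            // can only ever be a literal value inside the filter.
            return String.format(filterTemplate, escapeFilterValue(searchstring));
        }
        @Override public void testConnection() throws IOException {
            // Sketch: validates configuration only; a real source would bind to the directory.
            if (url == null || !url.startsWith("ldaps://")) {
                throw new IOException("ldap.url missing or not ldaps://");
            }
        }
    }

    static String escapeFilterValue(String v) {
        StringBuilder sb = new StringBuilder();
        for (char c : v.toCharArray()) {
            boolean special = c == '\\' || c == '*' || c == '(' || c == ')' || c == '\0';
            sb.append(special ? String.format("\\%02x", (int) c) : String.valueOf(c));
        }
        return sb.toString();
    }

    public static void main(String[] args) throws IOException {
        // Constructed properties text, as it would be entered in the properties field.
        Properties p = new Properties();
        p.load(new StringReader("ldap.url=ldaps://ldap.example.test:636\n"
                + "ldap.filter=(&(objectClass=person)(uid=%s))\n"));
        LdapSource src = new LdapSource();
        src.init(p);
        src.testConnection();
        System.out.println(src.fetch("jdoe"));
        System.out.println(src.fetch("a*(b)"));   // constructed input with filter metacharacters
    }
}
```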