Contents
The User Store stores a user's profile, including
attributes relating to that user. After a user has successfully
authenticated to the API Gateway, the Retrieve From User
Store filter can retrieve attributes belonging to that
user from the User Store. All attributes that
are retrieved are set to the attribute.lookup.list
.
Configure the following field:
Name:
Enter an appropriate name for this filter.
Configure the following fields on the Database tab:
User ID:
Select or enter the name of the message attribute that contains the
name of the user to look up in the User Store. For
example, if the user name is stored as admin
, you must
select the message attribute containing the value admin
.
The API Gateway then looks up the user the User Store
using this name.
Attributes:
Enter the list of attributes that the API Gateway should retrieve if it
successfully looks up the user identified by the message attribute specified
in the User ID field. All attribute values are stored in the
attribute.lookup.list
message attribute.
If no user attributes are specified, the API Gateway retrieves all
the user's registered attributes and sets them to the
attribute.lookup.list
attribute.
You can add attributes by selecting the Add button. Similarly, you can edit and remove existing attributes by selecting the Edit and Remove buttons.
Configure the following fields on the Advanced tab:
Enable legacy attribute naming for retrieved attributes:
Specifies whether to enable legacy naming of retrieved message attributes (unselected by default). Prior to version 7.1, retrieved attributes were stored in message attributes in the following format:
user.<retrieved_attribute_name>
For example, ${user.email}
, ${user.role}
, and so on.
If the retrieved attribute was multi-valued, you would access the values using
${user.email.1}
or ${user.email.2}
, and so on.
In version 7.1 and later, by default, you can now query for multi-valued retrieved
attributes using an array syntax (for example, ${user.email[0]}
or ${user.email[1]}
, and so on). You can also access other previously
unreachable fields in the retrieved attribute (for example,
${user.email.attKey}
or ${user.email.namespace}
).
Select this setting if you wish to use the legacy format for attribute naming.
Prefix for message attribute names:
You can specify an optional prefix for message attribute names. The default
prefix is user.