Create Secondary User Store with LDAP in WSO2IS 5.11.0 via deployment.toml


I am trying to create a secondary user store (LDAP in this case) in WSO2IS (5.11.0) through deployment.toml, but within the WSO2 documentation there isn't anything about this topic; in particular, https://is.docs.wso2.com/en/5.11.0/setup/configuring-secondary-user-stores/ describes how we can create a secondary user store directly via the WSO2 console. Is there someone who can show me the configuration that I have to write in deployment.toml to create this secondary user store via deployment.toml rather than via the console?

I tried to follow this guide: https://is.docs.wso2.com/en/5.11.0/setup/configuring-a-read-write-ldap-user-store/#properties-used-in-read-write-ldap-user-store-manager but there you can change the primary user store from H2 to LDAP in this case, and this is not what I expected (I want to add a secondary user store, not change the primary).

2

There are 2 best solutions below

1
ycr On BEST ANSWER

This is what you can do as a workaround: create a secondary userstore from the UI. This will create an XML file with the userstore configurations in the directory `<IS_HOME>/repository/deployment/server/userstores`. Use this XML as a template and maintain it as you maintain the deployment.toml; when the pod is created, you can copy this userstore.xml file to the same location.

1
ayeshajay On

Since your instance is installed as a Kubernetes pod, you can mount a persistent volume and add the secondary user stores there. This will automatically populate the XML files to the new pods.