Hi, In the current implementation of Private PaaS cartridges, when a new Multi-tenant cartridge is deployed, it will share the same user store with Stratos. So the users in Stratos will be exposed to that particular multi-tenant service and vise versa. But when an admin login to the multi-tenant service, it can attach a secondary user store, but still shares the same primary user store.
One possible way to restrict users created in the MT service to access Stratos would be to make the JDBCUserStoreManager read only in the MT service user-mgt.xml so that it cannot create users in the primary user store. But would that be the expected behavior? Will the permission tree exposed via Stratos be visible to other MT services and vise versa? Thanks, -- *Lasindu Charith* Software Engineer, WSO2 Inc. Mobile: +94714427192 Web: blog.lasindu.com
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev