WebSphere Application Server - Express security supports the use of custom registries in addition to LocalOS and LDAP registries for authentication and authorization purposes. A custom user registry is a user registry that you implement. You must implement the UserRegistry 
interface that is provided by WebSphere Application Server - Express. A custom implemented user registry can support virtually any type of user registry, such as a relational database or a flat file. The custom user registry provides considerable flexibility in adapting WebSphere Application Server - Express security to various environments where a user registry other than LDAP or LocalOS already exists.
Implementing a custom user registry is a software development effort. Use the methods defined in the UserRegistry interface to make calls to the desired registry to obtain user and group information. The interface defines a very general set of methods, so it can be used to encapsulate a wide variety of registries. For more information, see UserRegistry interface methods. A custom user registry can be configured as the active user registry when configuring WebSphere Application Server - Express global security.
Note: Make sure that your implementation of the custom registry does not depend on any WebSphere Application Server - Express components such as data sources. Do not have this dependency because security is initialized and enabled prior to most of the other WebSphere Application Server - Express components during startup. For example, if your implementation uses a data source to connect to a database, use JDBC to connect to the database instead.
See these code examples for a simple implementation of a custom user registry:
Perform these steps to develop a custom user registry:
If you are not familiar with the concept of custom user registries, see Custom user registries. This topic explains each of the methods in the interface in detail.
Implement all of the methods in the interface except for the createCredential() method, which is implemented by WebSphere Application Server - Express.
Build your implementation.
To compile your code, you need the sas.jar and wssec.jar files in your classpath. For example:
javac -extdirs /QIBM/ProdData/WebASE/ASE5/java/ext:/QIBM/UserData/Java400/ext: /QIBM/ProdData/Java400/jdk13/lib/ext:/QIBM/ProdData/WebASE/ASE5/lib -classpath /QIBM/ProdData/WebASE/ASE5/lib/sas.jar: /QIBM/ProdData/WebASE/ASE5/lib/wssec.jar com/ibm/websphere/security/FileRegistrySample.java
Follow the steps in Configure custom user registries to configure your implementation using the WebSphere administrative console.
Note: As of Version 5.0.1, you can use JDBC connections to connect to the custom user registry database.