You Gotta Get an Administrative User - and a Gimmick
By docteger on May 21, 2008
Following are the four users created by OpenSSO in the embedded data store during an installation/configuration:
puseris a proxy user used for all queries made to the embedded data store. It benefits from a configured proxy user ACI and, therefore, can take on any user's privileges (for example, the organization administrator or an end user) and perform actions on behalf of that user when necessary. It maintains an open connection through which all queries are passed (retrieval of service configurations, organization information, etc.). The
puserpassword is always encrypted.
dsameuseris used for binding to the embedded data store when the Client SDK performs operations that are not linked to a particular user (for example, retrieving service configuration information).
puserperforms these operations on behalf of
dsameuser, but a bind must first validate the
dsameusershould have the permissions to add, delete, modify, and search the data store. secret12 is the default password.
amldapuseris used to bind to and search supported LDAP servers during LDAP and Membership authentication. The Authentication Service binds to the server as
amldapuserin order to search for a user to match the login identifier passed by the user. It is also used internally for configuring policy. secret123 is the default password.
amadminis the administrative user for OpenSSO. admin123 is the default password.