Configuring external databases for account-link storage
A specific table is required in order for PingFederate to store account links on your database server. Table-setup scripts are provided for supported database servers.
Steps
-
Create a database for account linking using one of the table-setup scripts located in the
<pf_install>/pingfederate/server/default/conf/account-linking/sql-scripts
directory. -
Go to System → Data & Credential Stores → Data Stores and create a new datastore to connect PingFederate to the database. For more information, see Configuring a JDBC connection.
-
On the Data Stores window, copy the system ID of the new account-linking datastore.
-
In the
org.sourceid.saml20.service.impl.AccountLinkingServiceDBImpl.xml
file, located in the<pf_install>/pingfederate/server/default/data/config-store
directory, replace the<c:item name="PingFederateDSJNDIName"/>
element value with the system ID of your datastore connection and save the file.For a clustered PingFederate environment, edit this file on the administrative console node first, and then replicate to other engine nodes using System → Server → Cluster Management as explained in later steps.
Example:
For example, if the system ID is
JDBC-123456789ABCDEF123456789ABCDEF123456A0AC
, update theorg.sourceid.saml20.service.impl.AccountLinkingServiceDBImpl.xml
file as follows.<?xml version="1.0" encoding="UTF-8"?> <c:config xmlns:c="http://www.sourceid.org/2004/05/config"> <c:item name="PingFederateDSJNDIName">JDBC-123456789ABCDEF123456789ABCDEF123456A0AC</c:item> </c:config>
-
Start or restart PingFederate.
-
If you are running PingFederate in a cluster, go to System → Server → Cluster Management and replicate this change to other runtime servers.