RunAs roles to users mapping

Use this page to map RunAs roles to users. We can change the RunAs settings after an application deploys.

To view this administrative console page, click Applications > Install New Application. While running the application installation wizard, prompts appear to help you map RunAs roles to users. We can change the RunAs roles to users mappings for deployed applications by completing the following steps:

  1. Click Applications > Enterprise Applications > appname.

  2. Under Additional properties, click Map RunAs roles to users.

The enterprise beans you are installing contain predefined RunAs roles. RunAs roles are used by enterprise beans that need to run as a particular role for recognition while interacting with another enterprise bean.

User name

Specifies a user name for the RunAs role user.

This user already maps to the role specified in the Mapping users and groups to roles panel. We can map the user to its appropriate role by either mapping the user to that role directly or mapping a group that contains the user to that role.

Data type: String

Password

Specifies the password for the RunAs user.

Data type: String

Confirm password

Specifies the confirmed password of the administrative user.

Data type String

Role

Specifies administrative user roles.

A number of administrative roles have been defined to provide degrees of authority needed to perform certain WebSphere administrative functions from either the web based administrative console or the system management scripting interface. The authorization policy is only enforced when global security is enabled. The following roles are valid:

Monitor

This role is the least privileged. A user can view the server configuration and its current state.

Configurator

This role has the monitor privilege plus the ability to change the server configuration.

Operator

This role has the monitor privilege plus the ability to change the run-time state, such as starting or stopping services

Administrator

This role has the operator privileges plus the configurator privileges.