Network Deployment (Distributed operating systems), v8.0 > Reference > Sets
Map security roles to users or groups collection for SCA composites
Use this page to view and manage mappings of security roles to users and groups that are used with the Service Component Architecture (SCA) composites. From the console...
Applications > Application Types > Business-level applications > application_name > deployed_asset_composition_unit_name > Map security roles to users or groups . This page is the same as the Map security roles to users or groups page in the Create new business-level application wizard.
To view this page, your composition unit must support SCA security.
Different roles can have different security authorizations. Mapping users or groups to a role authorizes those users or groups to access applications defined by the role. Users, groups, and roles are defined when an application is installed or configured.
To map a role to a user or group, enable the Select check box beside the role name in the list and click a button. On the displayed page, specify one or more users or groups to map to the role.
Button descriptions. Use the buttons to map security roles to users, groups, or special subjects.
Button Resulting action Map Users Displays the Map users or groups page on which you can specify the users to have the selected security role. Map Groups Displays the Map users or groups page on which you can specify the groups to have the selected security role. Map Special Subjects Maps special subjects according to the option that you select: None specifies to map none of the special subjects to the role.
All Authenticated in Application's Realm specifies to map all of the authenticated users to a specified role. When you map all authenticated users to a specified role, all of the valid users in the current registry who have been authenticated can access resources that are protected by this role.
All Authenticated in Trusted Realms specifies to map all of the authenticated users in the trusted realms to a specified role. This option gives all authenticated users who belong to the user registry access to the application's realm and all authenticated users who belong to user registries access to realms which are trusted by the current security domain.
Everyone specifies to map everyone to a specified role. When you map everyone to a role, anyone can access the resources that are protected by this role and, essentially, there is no security.
Role
Special Subjects
Specifies which special subjects are mapped to the security role. This option applies only when an application uses multiple realms.
None
Specifies to map none of the special subjects to the role.
All Authenticated in Application's Realm
Specifies to map all of the authenticated users to a specified role. When you map all authenticated users to a specified role, all of the valid users in the current registry who have been authenticated can access resources that are protected by this role.
All Authenticated in Trusted Realms
Specifies to map all of the authenticated users in the trusted realms to a specified role. All authenticated users who belong to the user registry that is mapped to the application's realm and all authenticated users who belong to user registries that are mapped to realms which are trusted by the current security domain are successfully authorized.
Everyone
Specifies to map everyone to a specified role. When you map everyone to a role, anyone can access the resources that are protected by this role and, essentially, there is no security. To change the value, select the role, click Map Special Subjects, and select an option.
Users
Lists the users that are mapped to the specified role within this application.
Users from the non-default realm are displayed as user@realm.
Groups
Lists the groups that are mapped to this specified role within this application.
Assign users and groups to roles
Related
Composition unit settings
Map RunAs roles to users collection for SCA composites