User RunAs collection
Use this page to map a specified user identity and password to a RunAs role. This panel enables you to specify application-specific privileges for individual users to run specific tasks using another user identity. To view this console page:
- Click Applications > Application Types > WebSphere enterprise applications > application_name.
- Under Detail properties, click User runAs roles.
The enterprise beans that you install contain predefined RunAs roles. RunAs roles are used by enterprise beans that need to run as a particular role for recognition while interacting with another enterprise bean.
If any value is modified on this page, all of the metadata files related to the application are refreshed in the configuration repository.
Username
User name for the RunAs role user.
This user already maps to the role specified in the Mapping users and groups to roles panel. We can map the user to its appropriate role by either mapping the user to that role directly or mapping a group containing the user to that role. After specified the user name and password for the user and select a RunAs role, click Apply.
The use of the username field is dependent on whether system authorization facility (SAF) delegation is enabled or disabled.
- SAF delegation is enabled. The username field is NOT used.
- SAF delegation is disabled. The username field is used.
Information Value Data type: String
Password
Password for the RunAs user.
The use of the password field is dependent on whether system authorization facility (SAF) delegation is enabled or disabled.
- SAF delegation is enabled. The password field is NOT used.
- SAF delegation is disabled. The password field is used.
Information Value Data type: String
Role
Maps specific capabilities to a user.
The authorization policy is only enforced when global security is enabled.
Related tasks
Assigning users to RunAs roles Assigning users and groups to roles