WAS v8.5 > Reference > SetsMap security roles to users or groups collection for SCA composites
Use this page to view and manage mappings of security roles to users and groups used with the Service Component Architecture (SCA) composites.
To view this dmgr console page, click Applications > Application Types > Business-level applications > application_name > deployed_asset_composition_unit_name > Map security roles to users or groups. This page is the same as the Map security roles to users or groups page in the Create new business-level application wizard. To view this page, your composition unit must support SCA security.
Different roles can have different security authorizations. Mapping users or groups to a role authorizes those users or groups to access applications defined by the role. Users, groups, and roles are defined when an application is installed or configured.
To map a role to a user or group, enable the Select check box beside the role name in the list and click a button. On the displayed page, specify one or more users or groups to map to the role.
Button descriptions. Use the buttons to map security roles to users, groups, or special subjects.
Button Resulting action Map Users Displays the Map users or groups page on which we can specify the users to have the selected security role. Map Groups Displays the Map users or groups page on which we can specify the groups to have the selected security role. Map Special Subjects Maps special subjects according to the option that you select: None specifies to map none of the special subjects to the role.
All Authenticated in Application's Realm specifies to map all of the authenticated users to a specified role. When you map all authenticated users to a specified role, all of the valid users in the current registry who have been authenticated can access resources that are protected by this role.
All Authenticated in Trusted Realms specifies to map all of the authenticated users in the trusted realms to a specified role. This option gives all authenticated users who belong to the user registry access to the application's realm and all authenticated users who belong to user registries access to realms which are trusted by the current security domain.
Everyone specifies to map everyone to a specified role. When you map everyone to a role, anyone can access the resources that are protected by this role and, essentially, there is no security.
Role
Security role.
Special Subjects
Which special subjects are mapped to the security role. This option applies only when an application uses multiple realms.
- None
- Specifies to map none of the special subjects to the role.
- All Authenticated in Application's Realm
- Specifies to map all of the authenticated users to a specified role. When you map all authenticated users to a specified role, all of the valid users in the current registry who have been authenticated can access resources that are protected by this role.
- All Authenticated in Trusted Realms
- Specifies to map all of the authenticated users in the trusted realms to a specified role. All authenticated users who belong to the user registry that is mapped to the application's realm and all authenticated users who belong to user registries that are mapped to realms which are trusted by the current security domain are successfully authorized.
- Everyone
- Specifies to map everyone to a specified role. When you map everyone to a role, anyone can access the resources that are protected by this role and, essentially, there is no security.
To change the value, select the role, click Map Special Subjects, and select an option.
Users
Lists the users that are mapped to the specified role within this application.
Users from the non-default realm are displayed as user@realm.
Groups
Lists the groups that are mapped to this specified role within this application.
Related
Assigning users and groups to roles
Reference:
Composition unit settings
Map RunAs roles to users collection for SCA composites