Chapter 7. Configuring a Security Domain to use a Security Mapping
Adding a security mapping to a security domain allows for authentication and authorization information to be combined after the authentication or authorization happens, but before the information is passed to the application. For more information on security mapping, please see the Security Mapping section of the Red Hat JBoss Enterprise Application Platform Security Architecture Guide.
To add a security mapping to an existing security domain, a code, type, and relevant module options must be configured. The code field is the short name, for example SimpleRoles, PropertiesRoles, DatabaseRoles, or class name of the security mapping module. The type field refers to the type of mapping this module performs, and the allowed values are principal, role, attribute, or credential. For a full list of the available security mapping modules and their module options, see the Security Mapping Modules section of the Red Hat JBoss Enterprise Application Platform Login Module Reference.
Example CLI Commands for Adding a SimpleRoles Security Mapping to an Existing Security Domain
/subsystem=security/security-domain=sampleapp/mapping=classic:add
/subsystem=security/security-domain=sampleapp/mapping=classic/mapping-module=SimpleRoles:add(code=SimpleRoles,type=role,module-options=[("user1"=>"specialRole")])
reload
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.