Chapter 7. Configuring a Security Domain to use a Security Mapping
Adding a security mapping to a security domain allows for authentication and authorization information to be combined after the authentication or authorization happens, but before the information is passed to the application. For more information on security mapping, please see the Security Mapping section of the Red Hat JBoss Enterprise Application Platform Security Architecture Guide.
To add a security mapping to an existing security domain, a code, type, and relevant module options must be configured. The code field is the short name, for example SimpleRoles, PropertiesRoles, DatabaseRoles, or class name of the security mapping module. The type field refers to the type of mapping this module performs, and the allowed values are principal, role, attribute, or credential. For a full list of the available security mapping modules and their module options, see the Security Mapping Modules section of the Red Hat JBoss Enterprise Application Platform Login Module Reference.
Example CLI Commands for Adding a SimpleRoles Security Mapping to an Existing Security Domain
/subsystem=security/security-domain=sampleapp/mapping=classic:add /subsystem=security/security-domain=sampleapp/mapping=classic/mapping-module=SimpleRoles:add(code=SimpleRoles,type=role,module-options=[("user1"=>"specialRole")]) reload