This topic describes how to assign users and groups to
roles if you are using WebSphere® Application Server
authorization for Java Platform, Enterprise Edition
(Java EE) roles.
About this task
These steps are common for both installing
an application and modifying an existing application. If the application
contains roles, you see the Security role to user/group mapping link
during application installation and also during application management,
as a link in the Additional properties section.
What to do next
This task is required to assign users and groups to roles,
which enables the correct users and groups to access a secured application.
If you are installing an application, complete your installation.
After the application is installed and running you can access your
resources according to the user and group mapping that you did in
this task. If you manage applications and modify the users and groups
to role mapping, make sure you save, stop, and restart the application
so that the changes become effective. Try accessing the Java EE resources in the application to verify
that the changes are effective.
Note: Depending upon how your active
user registry is configured, the search results of security user
or group role mappings are displayed in different formats. With federated
repository, LDAP, file-based and custom registries can be used. WebSphere Application Server can uniquely
identify users from various registries by the user names listed in
the table.
Attention: In a distributed environment, when you install WebSphere Application Server with samples,
enable security using federated repositories, and start the server1
server with sample applications, the server might create exceptions.
However, the server starts successfully. The deployment manager did
not create user and group samples when it created the deployment manager
profile. To resolve exceptions caused by the samples failing to load,
create your own sample users and groups. In the administrative console,
do the following:
- Click Users and Groups > Manage Users.
- Create the samples user and the sampadmn group.
The samples user is a member of the sampadmn group.
For more assistance, refer to the "Managing users" help topic
by clicking
More information about this page at the top right
of the Manage Users panel.