Use this task to assign users to naming roles
by using the administrative
console.
About this task
The following
steps are needed to assign users to naming roles.
In the administrative console, click Environment > Naming,
and click CORBA
Naming Service Users or CORBA Naming Service Groups.
Procedure
- Click Add on the CORBA Naming Service Users
or the CORBA
Naming Service Groups panel.
- To add a new naming
service user, follow the instructions on the
page to specify a user, and select one or more roles. Once the user
is added
to the "Mapped to role" list, click OK. The specified
user
is mapped to one or more security roles.
- To
add a new naming service group, follow the instructions on the
page to specify either a group name or a Special subject, highlight
one or
more roles, and click OK. The specified group or
special
subject are mapped to one or more the security roles
- To remove a user or group assignment, go to the CORBA Naming
Service Users or CORBA Naming Service Groups panel. Select
the
check box next to the user or group that you want to remove and click Remove.
- To manage the set of users or groups to display,
expand the Filter folder
on the right panel, and modify the filter text box. For example, setting
the
filter to user* displays only users with the user prefix.
- After modifications are complete, click Save to
save the
mappings. Restart the server for the changes to take effect.
Example
The default naming security policy is to
grant all users read
access to the CosNaming space and to grant any valid user the privilege
to
modify the contents of the CosNaming space. You can perform the previously
mentioned steps to restrict user access to the CosNaming space. However,
use
caution when changing the naming security policy. Unless a Java Platform,
Enterprise Edition (Java EE)
application has clearly specified
its naming space access requirements, changing the default policy
can result
in unexpected org.omg.CORBA.NO_PERMISSION exceptions at runtime.