Configure Role Mapping providers

Role mapping is the process whereby principals (users or groups) are dynamically mapped to security roles at runtime. In WebLogic Server, a Role Mapping provider determines what security roles apply to the principals stored a subject when the subject is attempting to perform an operation on a WebLogic resource. Because this operation usually involves gaining access to the WebLogic resource, Role Mapping providers are typically used with Authorization providers.

WebLogic Server includes the WebLogic Role Mapping provider, which is the standard Role Mapping provider for the WebLogic Security Framework. Note that the Administration Console refers to the WebLogic Role Mapping provider as the Default Role Mapper.

To configure a Role Mapping provider:

If you have not already done so, in the Change Center of the Administration Console, click Lock & Edit (see Use the Change Center).
In the left pane, select Security Realms and click the name of the realm you are configuring (for example, myrealm).
Select Providers > Role Mapping.
The Role Mapping Providers table lists the Role Mapping providers configured in this security realm
Click New.
The Create a New Role Mapping Provider page appears.
In the Name field, enter a name for the Role Mapping provider.
From the Type drop-down list, select the type of the Role Mapping provider and click OK.
Select Providers > Role Mapping and click the name of the new Role Mapping provider to complete its configuration.
Optionally, under Configuration > Provider Specific, set Role Deployment Enabled if you want to store security roles that are created when you deploy a Web application or an Enterprise JavaBean (EJB).
Click Save to save your changes.
In the Change Center, click Activate Changes and then restart WebLogic Server.