WSRP supports the concept of user categories, which are included in the service description of the producer. Mapping user categories to the roles allows the user to map the roles that are defined in the consumer portal to the roles that are defined in the portlet. Sun Java System Portal Server maps Java System Access Manager's roles to the portlet's roles. These roles can be mapped to the corresponding WSRP user categories.
You can perform the following tasks:
Roles can be defined in the portlet while deploying the portlet.
The roles defined in the portlet must exist in the Access Manger of the producer.
The following task creates a role in amconsole in Sun Java System Access Manager and Portlets.
Log in to the Access Manager console.
Create a role and add a user to it.
In webxml of the portlet application, add the following code:
<security-role>
<role-name>PS_TEST_DEVELOPER_ROLE<role-name>
</security-role>
Add the following lines in portlet.xml of the portal.
<security-role-ref>
<role-name>PS_TEST_DEVELOPER_ROLE<role-name>
<role-link>PS_TEST_DEVELOPER_ROLE<role-link>
</security-role-ref>
Create the portlet application war file.
Create a roles file with the following entry.
cn\=AM_TEST_DEVELOPER_ROLE,o\=DeveloperSample,dc\=india,dc\=sun,dc\=com=PS_TEST_DEVELOPER_ROLE
Deploy the portlet using the following command.
/opt/SUNWportal/bin/psadmin deploy-portlet -u amadmin -f ps_password -d "o=DeveloperSample,dc=india,dc=sun,dc=com"-p portal1 -i stockprice-8080 --rolesfile rolesfile TestPortlet.war
Do the following to map user categories to role:
In the Consumer tab, click the producer name link.
The Edit Configured Producer screen displays the following: User Category: The roles in the producer portlet. Local Roles: The roles that are defined at the consumer's Sun Java System Access Manager.
In the User Categories to Role Mapping section, map user categories to the roles defined at the consumer, and click OK.