Administering Connector Work Security Maps

The EIS is any system that holds the data of an organization. It can be a mainframe, a messaging system, a database system, or an application. The connector work security map is used to is used to map the EIS credentials to the credentials of GlassFish Server security domain.

A security map applies to a particular connector connection pool. One or more named security maps can be associated with a connector connection pool.

The following topics are addressed here:

• To Create a Connector Work Security Map

• To List Connector Work Security Maps

• To Update a Connector Work Security Map

• To Delete a Connector Work Security Map

To Create a Connector Work Security Map

Use the create-connector-work-security-map subcommand in remote mode to map the caller identity of the work submitted by the connector module (resource adapter) EIS principal or EIS user group to a suitable principal or user group in the GlassFish Server security domain. One or more work security maps can be associated with a connector module.

The connector security map configuration supports the use of the wild card asterisk (*) to indicate all users or all user groups.

Before You Begin

Before creating a connector work security map, you must first create a connector connection pool. For instructions, see To Create a Connector Connection Pool.

1. Ensure that the server is running.

   Remote subcommands require a running server.

2. Create the connector work security map by using the create-connector-work-security-map(1) subcommand.

   Information about properties for the subcommand is included in this help page.

3. (Optional) If needed, restart the server.

   Some properties require server restart. See Configuration Changes That Require Server Restart. If your server needs to be restarted, see To Restart a Domain.

Example 15–16 Creating Connector Work Security Maps

The following examples create workSecurityMap1 and workSecurityMap2 for my-resource-adapter-name.

asadmin> create-connector-work-security-map --raname my-resource-adapter-name 
--principalsmap eis-principal-1=server-principal-1,eis-principal-2=server-principal-2, 
eis-principal-3=server-principal-1 workSecurityMap1

asadmin> create-connector-work-security-map --raname my-resource-adapter-name
--groupsmap eis-group-1=server-group-1,eis-group-2=server-group-2,
eis-group-3=server-group-1 workSecurityMap2
Command create-connector-work-security-map executed successfully

See Also

You can also view the full syntax and options of the subcommand by typing asadmin help create-connector-work-security-map at the command line.

To List Connector Work Security Maps

Use the list-connector-work-security-maps subcommand in remote mode to list the work security maps that belong to a specific connector module.

1. Ensure that the server is running.

   Remote subcommands require a running server.

2. List the connector work security maps by using the list-connector-work-security-maps(1) subcommand.

Example 15–17 Listing the Connector Work Security Maps

This example lists the generic work security maps.

asadmin> list-connector-work-security-maps generic-ra
generic-ra-groups-map: EIS group=eis-group, mapped group=glassfish-group
generic-ra-principals-map: EIS principal=eis-bar, mapped principal=bar
generic-ra-principals-map: EIS principal=eis-foo, mapped principal=foo
Command list-connector-work-security-maps executed successfully.

See Also

You can also view the full syntax and options of the subcommand by typing asadmin help list-connector-work-security-maps at the command line.

To Update a Connector Work Security Map

Use the update-connector–work-security-map subcommand in remote to modify a work security map that belongs to a specific resource adapter (connector module).

1. Ensure that the server is running.

   Remote subcommands require a running server.

2. List the connector work security maps by using the list-connector-work-security-maps(1) subcommand.

3. If necessary, notify users that the connector work security map is being modified.

4. Update a connector work security map by using the update-connector-work-security-map(1) subcommand.

Example 15–18 Updating a Connector Work Security Map

This example removes a principal from a work security map.

asadmin> update-connector-work-security-map --raname generic-ra 
--removeprincipals eis-foo generic-ra-principals-map
Command update-connector-work-security-map executed successfully.

See Also

You can also view the full syntax and options of the subcommand by typing asadmin help update-connector-work-security-map at the command line.

To Delete a Connector Work Security Map

Use the delete-connector–work-security-map subcommand in remote mode to delete a work security map that belongs to a specific connector module (resource adapter).

1. Ensure that the server is running.

   Remote subcommands require a running server.

2. List the connector work security maps by using the list-connector-work-security-maps(1) subcommand.

3. Delete a connector work security map by using the delete-connector-work-security-map(1) subcommand.

Example 15–19 Deleting a Connector Work Security Map

This example deletes the worksecuritymap1 map from the my_ra connector module.

asadmin> delete-connector-work-security-map --raname my_ra worksecuritymap1
Command delete-connector-work-security-map executed successfully.

See Also

You can also view the full syntax and options of the subcommand by typing asadmin help delete-connector-work-security-map at the command line.