Use this command to create a security map for the specified connector connection pool. If the security map is not present, one is created. Also, use this command to map the caller identity of the application (principal or user group) to a suitable EIS principal in container-managed transaction-based scenarios. One or more named security maps may be associated with a connector connection pool. The connector security map configuration supports the use of the wild card asterisk (*) to indicate all users or all user groups.
For this command to succeed, you must have first created a connector connection pool using the create-connector-connection-pool command.
The enterprise information system (EIS) is any system that holds the information. It can be a mainframe, a messaging system, a database system, or an application.
This command is supported in remote mode only.
The authorized domain administration server administrative username.
The ––password option is deprecated. Use ––passwordfile instead.
This option replaces the –– password option. Using the ––password option on the command line or through the environment is deprecated. The ––passwordfile option specifies the name of a file containing the password entries in a specified format. The entry for the password must have the AS_ADMIN_ prefix followed by the password name in capital letters. For example, to specify the domain administration server password, use an entry with the following format: AS_ADMIN_PASSWORD=password, where password is the actual administrator password. Other passwords that can be specified include AS_ADMIN_MAPPEDPASSWORD, AS_ADMIN_USERPASSWORD, AS_ADMIN_MQPASSWORD, AS_ADMIN_ALIASPASSWORD, and so on.
The machine name where the domain administration server is running. The default value is localhost.
The port number of the domain administration server listening for administration requests. The default port number for Enterprise Edition is 4849.
If set to true, uses SSL/TLS to communicate with the domain administration server.
Indicates that any output data must be very concise, typically avoiding human-friendly sentences and favoring well-formatted data for consumption by a script. Default is false.
Setting to true will echo the command line statement on the standard output. Default is false.
If set to true (default), only the required password options are prompted.
Displays the help text for the command.
This option is deprecated in this release.
Specifies the name of the connector connection pool to which the security map belongs.
Specifies a list of backend EIS principals. More than one principal can be specified using a comma separated list. Use either the ––principals or ––usergroups options, but not both.
Specifies a list of backend EIS user group. More than one usergroups can be specified using a comma separated list.
Specifies the EIS username.
It is assumed that the connector pool has already been created using the create-connector-pool command.
asadmin> create-connector-security-map --user admin --passwordfile pwd_file.txt --poolname connector-pool1 --principals principal1, principal2 --mappedusername backend-username securityMap1 Command create-connector-security-map executed successfully