security-role-mapping (Sun Java System Application Server 9.1 Application Deployment Guide)

Skip to ContentSun and Oracle Channel Sun How to Buy Log In

Sun Java System Application Server 9.1 Application Deployment Guide

Contained Within

Find More Documentation

Featured Support Resources

Download this book in PDF (1365 KB)

security-role-mapping

Maps roles to users or groups in the currently active realm. See Realm Configuration in Sun Java System Application Server 9.1 Developer’s Guide.

The role mapping element maps a role, as specified in the EJB JAR role-name entries, to a environment-specific user or group. If it maps to a user, it must be a concrete user which exists in the current realm, who can log into the server using the current authentication method. If it maps to a group, the realm must support groups and the group must be a concrete group which exists in the current realm. To be useful, there must be at least one user in that realm who belongs to that group.

Superelements

sun-application (sun-application.xml), sun-web-app (sun-web.xml), sun-ejb-jar (sun-ejb-jar.xml)

Subelements

The following table describes subelements for the security-role-mapping element.

Table A–105 security-role-mapping Subelements


Element	Required	Description
role-name	only one	Contains the `role-name` in the `security-role` element of the corresponding Java EE deployment descriptor file.
principal-name	one or more if no `group-name`, otherwise zero or more	Contains a principal (user) name in the current realm. In an enterprise bean, the principal must have the run-as role specified.
group-name	one or more if no `principal-name`, otherwise zero or more	Contains a group name in the current realm.