Mapping Security Roles
Use this procedure to map the security roles defined for the application to server security roles. These mappings are stored in ejb-j2ee-engine.xml.
- Open the ejb-j2ee-engine.xml.
- From the right-hand pane, choose the Security Roles tab.
The security roles defined in ejb-jar.xml are displayed in the left-hand pane of the Security Roles tab.
- Select the security role that you want to map.Note
By default, the No mappingoption is chosen, that is, the EJB application will be deployed without specifying the corresponding security role mapping. In this case, the mapping must be specified after deployment by using the Security Provider Service .
- Choose the Role based mapping option and either enter the server role name in the corresponding field, or choose one of the default options (administrators, all, guests) from the drop-down list.Caution
If you have mapped your security roles to groups or users, you will only be able to view this mapping in the User based mapping option -> Group names or User names. However, this mapping is deprecated and will not be possible in SAP NetWeaver 7.1.
The mapping is stored in the <security-permission> element in the deployment descriptor.
The following code shows the result mapping of the carCustomer application security role to the guests server security role.
<security-permission> <security-role-map> <role-name>carCustomer</role-name> <server-role-name>guests</server-role-name> </security-role-map> </security-permission>