...
Property | Value |
---|---|
config.file.location | Specify the path to the fediz-config.xml file |
role.group.mapper | Specify the class of the Role to Group Mapper |
groups.mapping.file | Specify the path to the Role - Group mapping file |
groups.mapping.refresh.timeout | Specify the refresh time (in sec) to reload the Group mapping file |
The file defined in `groups.mapping.file` must have the following structure:
```xml
<?xml version="1.0" encoding="UTF-8"?>
<mapping>
    <samlToJ2EE>
        <claim>User</claim>
        <groups>
            <j2eeGroup>Authenticated</j2eeGroup>
            <j2eeGroup>Users</j2eeGroup>
        </groups>
    </samlToJ2EE>
    <samlToJ2EE>
        <claim>Manager</claim>
        <groups>
            <j2eeGroup>Manager</j2eeGroup>
            <j2eeGroup>Authenticated</j2eeGroup>
        </groups>
    </samlToJ2EE>
    <samlToJ2EE>
        <claim>Admin</claim>
        <groups>
            <j2eeGroup>Admin</j2eeGroup>
            <j2eeGroup>Authenticated</j2eeGroup>
        </groups>
    </samlToJ2EE>
</mapping>
```
A role value defined in the element `claim` is mapped to a list of the WebSphere JEE groups defined in `j2eeGroup`. Finally, these WebSphere groups must be mapped to JEE roles. This indirection is required within WebSphere.
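Because this file decides which WebSphere groups a role value from the token ends up in, it is worth linting before deployment. The following is an added example, not code from this page or from the Fediz project: a Python check for a mapping file of the structure above that reports duplicate `claim` entries and roles with no groups, and resolves a set of role values to groups. The function names, the keep-first handling of duplicates, exact-match lookup and the treatment of unmapped roles are assumptions of this sketch, not documented Fediz behaviour.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the structure shown above, with two deliberate defects:
# a second entry for role "User" and a role ("Guest") with no groups.
SAMPLE = """<?xml version="1.0" encoding="UTF-8"?>
<mapping>
  <samlToJ2EE><claim>User</claim>
    <groups><j2eeGroup>Authenticated</j2eeGroup><j2eeGroup>Users</j2eeGroup></groups></samlToJ2EE>
  <samlToJ2EE><claim>Admin</claim>
    <groups><j2eeGroup>Admin</j2eeGroup><j2eeGroup>Authenticated</j2eeGroup></groups></samlToJ2EE>
  <samlToJ2EE><claim>User</claim>
    <groups><j2eeGroup>Admin</j2eeGroup></groups></samlToJ2EE>
  <samlToJ2EE><claim>Guest</claim><groups/></samlToJ2EE>
</mapping>"""


def load_mapping(xml_text):
    """Return ({role: [groups]}, [findings]) for a role-to-group mapping document."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:  # assumption: never needed here
        raise ValueError("DTD/entity declarations are not expected in a mapping file")
    root = ET.fromstring(xml_text.encode("utf-8"))
    if root.tag != "mapping":
        raise ValueError("root element must be <mapping>")
    mapping, findings = {}, []
    for entry in root.findall("samlToJ2EE"):
        role = (entry.findtext("claim") or "").strip()
        groups = [g.text.strip() for g in entry.findall("groups/j2eeGroup")
                  if g.text and g.text.strip()]
        if not role:
            findings.append("entry with empty <claim>")
            continue
        if not groups:
            findings.append(f"role {role!r} maps to no groups")
        if role in mapping:
            added = sorted(set(groups) - set(mapping[role]))
            findings.append(f"duplicate entry for role {role!r} adds groups {added}")
            continue  # sketch policy: keep the first definition, report the later one
        mapping[role] = groups
    return mapping, findings


def groups_for(mapping, roles):
    """Union of groups for the role values in a token; unmapped roles add nothing."""
    return sorted({g for r in roles for g in mapping.get(r, [])})
```

A duplicate entry that adds a privileged group to an ordinary role, as in the constructed sample, is the finding to look at first.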
Fediz configuration
The Fediz-related configuration is done in a configuration file that is independent of the servlet container, which is described here.
...