Before mapping roles, ensure that you have enabled LDAP/SSO authentication.
You can map non-matching LDAP/SSO role values to an existing Spectrum Technology Platform role name. You can also map an LDAP/SSO role value with the same name as a Spectrum Technology Platform role to a different role. For example, one of the built-in roles is "designer." If you have an LDAP/SSO role value that is also named "designer," but you want it to map to another role, you could create a role map.
To map an LDAP/SSO role value to an existing Spectrum role:
Open a Web browser and go to http://server:port/jmx-console, where:
- server is the IP address or host name of your Spectrum Technology Platform server.
- port is the HTTP port used by Spectrum Technology Platform. The default is 8080.
Select this property:
com.pb.spectrum.platform.common.security.role:mappings=RoleMappingsThis property is visible only when you enable LDAP or LDAP/SSO authentication, and the Spectrum Technology Platform server is fully started.
In the addMapping section, configure these
- In the value field, enter the LDAP/SSO role value to map to a Spectrum Technology Platform role.
- In the roleName field, enter the Spectrum Technology Platform role to map to the LDAP attribute value.
- Click Invoke.