blob: 9c6e376299bd5c93088b2c738ae352ba7fce1d84 [file] [log] [blame]
type=page
status=published
title=create-connector-security-map
next=create-connector-work-security-map.html
prev=create-connector-resource.html
~~~~~~
= create-connector-security-map
[[create-connector-security-map-1]][[GSRFM00020]][[create-connector-security-map]]
== create-connector-security-map
Creates a security map for the specified connector connection pool
[[sthref175]]
=== Synopsis
[source]
----
asadmin [asadmin-options] create-connector-security-map [--help]
--poolname connector_connection_pool_name
[--principals principal-name1[,principal-name2]*]
[--usergroups user-group1[,user-group2]*]
[--mappedusername user-name]
[--target target]
mapname
----
[[sthref176]]
=== Description
The `create-connector-security-map` subcommand creates a security map
for the specified connector connection pool. If the security map is not
present, a new one is created. This subcommand can also map the caller
identity of the application (principal or user group) to a suitable
enterprise information system (EIS) principal in container-managed
authentication scenarios. The EIS is any system that holds the data of
an organization. It can be a mainframe, a messaging system, a database
system, or an application. One or more named security maps can be
associated with a connector connection pool. The connector security map
configuration supports the use of the wild card asterisk (`*`) to
indicate all users or all user groups.
To specify the EIS password, you can add the `AS_ADMIN_MAPPEDPASSWORD`
entry to the password file, then specify the file by using the
`--passwordfile` `asadmin` utility option.
For this subcommand to succeed, you must have first created a connector
connection pool using the `create-connector-connection-pool` subcommand.
This subcommand is supported in remote mode only.
[[sthref177]]
=== Options
asadmin-options::
Options for the `asadmin` utility. For information about these
options, see the link:asadmin.html#asadmin-1m[`asadmin`(1M)] help page.
`--help`::
`-?`::
Displays the help text for the subcommand.
`--poolname`::
Specifies the name of the connector connection pool to which the
security map belongs.
`--principals`::
Specifies a list of backend EIS principals. More than one principal
can be specified using a comma-separated list. Use either the
`--principals` or `--usergroups` options, but not both in the same
command.
`--usergroups`::
Specifies a list of backend EIS user group. More than one user groups
can be specified using a comma separated list. Use either the
`--principals` or `--usergroups` options, but not both in the same
command.
`--mappedusername`::
Specifies the EIS username.
`--target`::
Do not specify this option. This option is retained for compatibility
with earlier releases. If you specify this option, a syntax error does
not occur. Instead, the subcommand runs successfully and displays a
warning message that the option is ignored.
[[sthref178]]
=== Operands
mapname::
The name of the security map to be created.
[[sthref179]]
=== Examples
[[GSRFM467]][[sthref180]]
==== Example 1   Creating a Connector Security Map
This example creates `securityMap1` for the existing connection pool
named `connector-pool1`.
[source]
----
asadmin> create-connector-security-map --poolname connector-pool1
--principals principal1,principal2 --mappedusername backend-username securityMap1
Command create-connector-security-map executed successfully
----
[[sthref181]]
=== Exit Status
0::
subcommand executed successfully
1::
error in executing the subcommand
[[sthref182]]
=== See Also
link:asadmin.html#asadmin-1m[`asadmin`(1M)]
link:delete-connector-security-map.html#delete-connector-security-map-1[`delete-connector-security-map`(1)],
link:list-connector-security-maps.html#list-connector-security-maps-1[`list-connector-security-maps`(1)],
link:update-connector-security-map.html#update-connector-security-map-1[`update-connector-security-map`(1)]