Mapping users and groups to security roles

Map the Report Launcher security roles for WebSphere® Application Server client authentication to the users and groups you want to associate with each role.

1. Start the WebSphere Integrated Solutions console by entering the following URL in a web browser:

   http://server_host:<port>/ibm/console/login.do

   Where <port> is the port for the WebSphere Application Server profile. If WebSphere was installed in a new profile directory, the default port is 12060. If it was installed in the default WebSphere profile, the admin port is 9060.

   You can also find the configured port in the profile information file <WAS installation directory>/profiles/logs/AboutThisProfile.txt.

2. From the WebSphere Application Server administrative console, click Applications > Application Types -> WebSphere enterprise applications in the navigation pane.
   The Enterprise Applications page opens.
3. In the Enterprise Applications table, click HCL CompassReportLauncher.
   The Configuration page opens.
4. In the Detail Properties section, click Security role to user/group mapping to open a table showing the security-role names from the deployment descriptor.
   If the default roles are in use, these names are listed: Basic User, Team Member, Super User.
5. Click the Select check box for a role to select it.
   1. To add individual users or groups to a role, click the Map Users... or Map Groups... buttons. Use the search options provided to search the user registry for users and groups.
   2. Alternatively, click Map Special Subjects which supports role mapping to these user groups:. All Authenticated in Application's Realm, All Authenticated in Trusted Realms, and Everyone.
6. After mapping all users and groups, click OK on the Security role to user/group mapping page to save the mappings.
7. Click Save to save the changes directly to the master configuration.
   A server restart is not necessary to activate the updated security role mappings.