Role Mapping and Security

Role mapping is the process of authorising a client's request to access a data resource. Role mapping is a two-step process:

  1. Check whether the client is allowed to access the data resource.
  2. Determine the database user name and password (or role) to be used for this client.

A role map document contains the information required to undertake this process. A role map document specifies the credentials which must be supplied by clients to access a data resource and how these map to database user names and passwords.

The location of the role map document for a specific data resource and the Java class used to execute the role map process are specified within the data resource configuration document for a specific data resource accessor. Pages describing these are available via the main pages on configuration files.

Role mapping is intended to be "pluggable". That is, you can specify your own role map class within a data resource configuration document and so use your own form of role map document if desired.

Role Map Documents

OGSA-DAI provides support for a simple form of role map document. This document provides data resource-specific mappings from X509 certificate credentials to database usernames and passwords. It is described on the next page.
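
The two-step process described above, sketched as an added example (not OGSA-DAI code, and not implementing any OGSA-DAI interface). The class name, method names, resource name and sample subjects are assumptions made for illustration. It refuses any client without an explicit entry and compares certificate subject names in canonical form rather than as raw strings.

```java
import javax.security.auth.x500.X500Principal;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;

// Hypothetical stand-alone role mapper, written for this page as an illustration.
public class SimpleRoleMapper {

    /** Database credentials selected for an authorised client. */
    public record DbCredentials(String user, String password) {}

    // data resource name -> (canonical certificate subject DN -> credentials)
    private final Map<String, Map<String, DbCredentials>> byResource = new HashMap<>();

    // Canonical form folds case and whitespace, so equivalent DNs compare equal.
    private static String canonical(String subjectDn) {
        return new X500Principal(subjectDn).getName(X500Principal.CANONICAL);
    }

    public void addMapping(String resource, String subjectDn, DbCredentials creds) {
        byResource.computeIfAbsent(resource, r -> new HashMap<>()).put(canonical(subjectDn), creds);
    }

    /**
     * Step 1: is this subject allowed to access the data resource?
     * Step 2: which database account is used on its behalf?
     * An empty result means access is refused; there is no fallback account.
     */
    public Optional<DbCredentials> map(String resource, String subjectDn) {
        try {
            return Optional.ofNullable(
                    byResource.getOrDefault(resource, Map.of()).get(canonical(subjectDn)));
        } catch (IllegalArgumentException malformedDn) {
            return Optional.empty(); // an unparseable DN is never authorised
        }
    }

    public static void main(String[] args) {
        SimpleRoleMapper mapper = new SimpleRoleMapper();
        // Constructed sample data, not taken from an OGSA-DAI role map document.
        mapper.addMapping("ExampleResource", "CN=Alice Example, O=Example Org, C=GB",
                new DbCredentials("readonly_user", "<password-placeholder>"));
        // The mapped subject, written with different case and spacing.
        System.out.println(mapper.map("ExampleResource", "cn=alice example,o=Example Org,c=gb"));
        // A subject with no entry, a resource with no mappings, and a malformed DN.
        System.out.println(mapper.map("ExampleResource", "CN=Mallory, O=Example Org, C=GB"));
        System.out.println(mapper.map("OtherResource", "CN=Alice Example, O=Example Org, C=GB"));
        System.out.println(mapper.map("ExampleResource", "not a distinguished name"));
    }
}
```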