How to Write a Role Map Document

To write a simple role map document:

1. Copy the following XML document:

   <?xml version="1.0" encoding="UTF-8"?>
   <DatabaseRoles>
     <Database name="DATABASE-URI">
       <User dn="CREDENTIAL" userid="USER-ID" password="PASSWORD"/>
     </Database>
   </DatabaseRoles>
   

2. Replace DATABASE-URI with the driver-specific URI of your data resource. This should match the content of the dataResource.driver.uri element within the data resource configuration document refering to this role map document.
3. Replace CREDENTIAL with an allowed client's credentials. These must match the credentials that the client has in their X509 certificate.
   • If any client is to be allowed access to the database then replace CREDENTIAL with *
   • Note that if no such entry is provided then anonymous data resource access will not be permitted.
4. Replace USER-ID with a database user ID.
5. Replace PASSWORD with the corresponding database password.
6. If you want to allow access to more than one client then make a copy of the User element for each client and edit as described above.