User RunAs collection

Use this page to map a specified user identity and password to a RunAs role. This panel enables you to specify application-specific privileges for individual users to run specific tasks using another user identity.

To view this administrative console page, complete the following steps:

Click Applications > Application Types > WebSphere enterprise applications > application_name.
Under Detail properties, click User runAs roles.

The enterprise beans that you install contain predefined RunAs roles. RunAs roles are used by enterprise beans that need to run as a particular role for recognition while interacting with another enterprise bean.

Note: If any value is modified on this page, all of the metadata files related to the application are refreshed in the configuration repository.

Username

Specifies a user name for the RunAs role user.

This user already maps to the role specified in the Mapping users and groups to roles panel. You can map the user to its appropriate role by either mapping the user to that role directly or mapping a group that contains the user to that role. After you specify the user name and password for the user and select a RunAs role, click Apply.

Note:

The use of the username field is dependent on whether system authorization facility (SAF) delegation is enabled or disabled.

SAF delegation is enabled. The username field is NOT used.
SAF delegation is disabled. The username field is used.

Information	Value
Data type:	String

Password

Specifies the password for the RunAs user.

Note:

The use of the password field is dependent on whether system authorization facility (SAF) delegation is enabled or disabled.

SAF delegation is enabled. The password field is NOT used.
SAF delegation is disabled. The password field is used.

Information	Value
Data type:	String

Role

Maps specific capabilities to a user.

The authorization policy is only enforced when global security is enabled.